From 89b4969be43c01345df772032714802a00b107d0 Mon Sep 17 00:00:00 2001 From: tb Date: Thu, 30 Jun 2022 11:17:49 +0000 Subject: [PATCH] Add checks to ensure we do not initiate or negotiate handshakes with versions below the minimum required by the security level. input & ok jsing --- lib/libssl/ssl_clnt.c | 9 ++++++++- lib/libssl/ssl_locl.h | 3 ++- lib/libssl/ssl_seclevel.c | 8 +++++++- lib/libssl/ssl_srvr.c | 9 ++++++++- lib/libssl/ssl_versions.c | 12 +++++++++--- 5 files changed, 34 insertions(+), 7 deletions(-) diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index d49d8ef0560..604b55277cf 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.148 2022/06/29 08:34:04 tb Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.149 2022/06/30 11:17:49 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -221,6 +221,13 @@ ssl3_connect(SSL *s) goto end; } + if (!ssl_security_version(s, + s->s3->hs.our_min_tls_version)) { + SSLerror(s, SSL_R_VERSION_TOO_LOW); + ret = -1; + goto end; + } + if (!ssl3_setup_init_buffer(s)) { ret = -1; goto end; diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index b46e37f5eb0..d466b596422 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.407 2022/06/29 21:18:04 tb Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.408 2022/06/30 11:17:49 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1301,6 +1301,7 @@ int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, int ssl_security(const SSL *ssl, int op, int bits, int nid, void *other); int ssl_ctx_security_dh(const SSL_CTX *ctx, DH *dh); int ssl_security_dh(const SSL *ssl, DH *dh); +int ssl_security_version(const SSL *ssl, int version); int ssl_security_cert(const SSL_CTX *ctx, const SSL *ssl, X509 *x509, int is_peer, int *out_error); int ssl_security_cert_chain(const SSL *ssl, STACK_OF(X509) *sk, diff --git a/lib/libssl/ssl_seclevel.c b/lib/libssl/ssl_seclevel.c index b174f57f0cf..2fe6e3f222a 100644 --- a/lib/libssl/ssl_seclevel.c +++ b/lib/libssl/ssl_seclevel.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_seclevel.c,v 1.11 2022/06/30 07:09:45 tb Exp $ */ +/* $OpenBSD: ssl_seclevel.c,v 1.12 2022/06/30 11:17:49 tb Exp $ */ /* * Copyright (c) 2020 Theo Buehler * @@ -232,6 +232,12 @@ ssl_security(const SSL *ssl, int op, int bits, int nid, void *other) ssl->cert->security_ex_data); } +int +ssl_security_version(const SSL *ssl, int tls_version) +{ + return ssl_security(ssl, SSL_SECOP_VERSION, 0, tls_version, NULL); +} + int ssl_ctx_security_dh(const SSL_CTX *ctx, DH *dh) { diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index e37f9cfdb7a..8f110831e49 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.145 2022/06/29 08:27:51 tb Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.146 2022/06/30 11:17:50 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -223,6 +223,13 @@ ssl3_accept(SSL *s) goto end; } + if (!ssl_security_version(s, + s->s3->hs.our_min_tls_version)) { + SSLerror(s, SSL_R_VERSION_TOO_LOW); + ret = -1; + goto end; + } + if (!ssl3_setup_init_buffer(s)) { ret = -1; goto end; diff --git a/lib/libssl/ssl_versions.c b/lib/libssl/ssl_versions.c index 4069670dc94..06e26b80591 100644 --- a/lib/libssl/ssl_versions.c +++ b/lib/libssl/ssl_versions.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_versions.c,v 1.22 2022/02/05 14:54:10 jsing Exp $ */ +/* $OpenBSD: ssl_versions.c,v 1.23 2022/06/30 11:17:50 tb Exp $ */ /* * Copyright (c) 2016, 2017 Joel Sing * @@ -329,6 +329,9 @@ ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver) return 0; } + if (!ssl_security_version(s, shared_version)) + return 0; + *max_ver = shared_version; return 1; @@ -352,8 +355,11 @@ ssl_check_version_from_server(SSL *s, uint16_t server_version) &max_tls_version)) return 0; - return (server_tls_version >= min_tls_version && - server_tls_version <= max_tls_version); + if (server_tls_version < min_tls_version || + server_tls_version > max_tls_version) + return 0; + + return ssl_security_version(s, server_tls_version); } int -- 2.20.1