diff options
author | AnotherTest <ali.mpfard@gmail.com> | 2020-08-24 06:48:40 +0430 |
---|---|---|
committer | Andreas Kling <kling@serenityos.org> | 2020-08-24 09:29:39 +0200 |
commit | 0be3937be7b7bcded9cc1473b6c33ae975fe1adb (patch) | |
tree | b88239c2a39393cbea96c27d590ddb038d49a915 | |
parent | 7a2b5d1328fa19d38e45f9b7ded86f92b1bfff8a (diff) | |
download | serenity-0be3937be7b7bcded9cc1473b6c33ae975fe1adb.zip |
LibTLS: Do not process_message() the finished message twice
With two different sequence numbers to boot!
Fixes #3273
-rw-r--r-- | Libraries/LibTLS/ClientHandshake.cpp | 3 | ||||
-rw-r--r-- | Libraries/LibTLS/Record.cpp | 8 |
2 files changed, 6 insertions, 5 deletions
diff --git a/Libraries/LibTLS/ClientHandshake.cpp b/Libraries/LibTLS/ClientHandshake.cpp index 52389f0e0f..8b4bc28fa0 100644 --- a/Libraries/LibTLS/ClientHandshake.cpp +++ b/Libraries/LibTLS/ClientHandshake.cpp @@ -216,7 +216,6 @@ ssize_t TLSv12::handle_finished(const ByteBuffer& buffer, WritePacketStage& writ size_t index = 3; u32 size = buffer[0] * 0x10000 + buffer[1] * 0x100 + buffer[2]; - index += 3; if (size < 12) { #ifdef TLS_DEBUG @@ -248,7 +247,7 @@ ssize_t TLSv12::handle_finished(const ByteBuffer& buffer, WritePacketStage& writ if (on_tls_ready_to_write) on_tls_ready_to_write(*this); - return handle_message(buffer); + return index + size; } void TLSv12::build_random(PacketBuilder& builder) diff --git a/Libraries/LibTLS/Record.cpp b/Libraries/LibTLS/Record.cpp index ba9cb23134..3d468778dc 100644 --- a/Libraries/LibTLS/Record.cpp +++ b/Libraries/LibTLS/Record.cpp @@ -233,11 +233,13 @@ ssize_t TLSv12::handle_message(const ByteBuffer& buffer) return (i8)Error::BrokenPacket; } - const u8* message_hmac = decrypted_span.offset(length - mac_size); + length -= mac_size; + + const u8* message_hmac = decrypted_span.offset(length); u8 temp_buf[5]; memcpy(temp_buf, buffer.offset_pointer(0), 3); *(u16*)(temp_buf + 3) = convert_between_host_and_network(length); - auto hmac = hmac_message({ temp_buf, 5 }, decrypted_span, mac_size); + auto hmac = hmac_message({ temp_buf, 5 }, decrypted_span.slice(0, length), mac_size); auto message_mac = ByteBuffer::wrap(const_cast<u8*>(message_hmac), mac_size); if (hmac != message_mac) { dbg() << "integrity check failed (mac length " << length << ")"; @@ -250,7 +252,7 @@ ssize_t TLSv12::handle_message(const ByteBuffer& buffer) return (i8)Error::IntegrityCheckFailed; } - plain = decrypted.slice(0, length - mac_size); + plain = decrypted.slice(0, length); } m_context.remote_sequence_number++; |