Switch an assert back to a check.

The assert was supposed to be *added* in fcf25833 but instead replaced the check. BUG=465557 Change-Id: I0d3db5038515021e5bdd1ccb9ff08d4f78552621 Reviewed-on: https://boringssl-review.googlesource.com/3850 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
Use SSL_CLIENT_USE_TLS1_2_CIPHERS instead of ssl3_version_from_wire.
2015-03-09 19:17:48 -07:00 · 2015-02-02 18:30:50 +00:00 · 2015-01-26 10:47:11 -08:00
3 changed files with 10 additions and 2 deletions
@@ -201,7 +201,10 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) {
    rb->offset = len + align;
  }

-  assert(n <= (int)(rb->len - rb->offset));
+  if (n > (int)(rb->len - rb->offset)) {
+    OPENSSL_PUT_ERROR(SSL, ssl3_read_n, ERR_R_INTERNAL_ERROR);
+    return -1;
+  }

  if (!s->read_ahead) {
    /* ignore max parameter */
@@ -954,7 +954,7 @@ uint8_t *ssl_add_clienthello_tlsext(SSL *s, uint8_t *buf, uint8_t *limit,
    }
  }

-  if (SSL_USE_SIGALGS(s)) {
+  if (SSL_CLIENT_USE_TLS1_2_CIPHERS(s)) {
    size_t salglen;
    const uint8_t *salg;
    salglen = tls12_get_psigalgs(s, &salg);
@@ -172,6 +172,11 @@ func (hs *serverHandshakeState) readClientHello() (isResume bool, err error) {
 	}
 	c.clientVersion = hs.clientHello.vers

+	// Reject < 1.2 ClientHellos with signature_algorithms.
+	if c.clientVersion < VersionTLS12 && len(hs.clientHello.signatureAndHashes) > 0 {
+		return false, fmt.Errorf("tls: client included signature_algorithms before TLS 1.2")
+	}
+
 	c.vers, ok = config.mutualVersion(hs.clientHello.vers)
 	if !ok {
 		c.sendAlert(alertProtocolVersion)