mirror of
https://github.com/openssl/openssl.git
synced 2026-05-07 20:12:39 +00:00
Removes SSLv2 support in TLSProxy.
Reviewed-by: Matt Caswell <matt@openssl.foundation> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> MergeDate: Fri Apr 24 20:11:08 2026 (Merged from https://github.com/openssl/openssl/pull/30916)
This commit is contained in:
Frederik Wedel-Heinen
committed by
Nikola Pajkovsky
Nikola Pajkovsky
parent
35852da1d9
commit
7fb28b9cd0
@@ -119,7 +119,6 @@ sub add_maximal_padding_filter
|
||||
TLSProxy::Record::RT_APPLICATION_DATA,
|
||||
TLSProxy::Record::VERS_TLS_1_2,
|
||||
length($data),
|
||||
0,
|
||||
length($data),
|
||||
$plaintext_len,
|
||||
$data,
|
||||
|
||||
@@ -310,7 +310,6 @@ sub add_empty_recs_filter
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
"",
|
||||
""
|
||||
);
|
||||
@@ -322,7 +321,6 @@ sub add_empty_recs_filter
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
"",
|
||||
""
|
||||
);
|
||||
@@ -343,19 +341,6 @@ sub add_frag_alert_filter
|
||||
return;
|
||||
}
|
||||
|
||||
# Add a zero length fragment first
|
||||
#my $record = TLSProxy::Record->new(
|
||||
# 0,
|
||||
# TLSProxy::Record::RT_ALERT,
|
||||
# TLSProxy::Record::VERS_TLS_1_2,
|
||||
# 0,
|
||||
# 0,
|
||||
# 0,
|
||||
# "",
|
||||
# ""
|
||||
#);
|
||||
#push @{$proxy->record_list}, $record;
|
||||
|
||||
# Now add the alert level (Fatal) as a separate record
|
||||
$byte = pack('C', TLSProxy::Message::AL_LEVEL_FATAL);
|
||||
my $record = TLSProxy::Record->new(
|
||||
@@ -363,7 +348,6 @@ sub add_frag_alert_filter
|
||||
TLSProxy::Record::RT_ALERT,
|
||||
TLSProxy::Record::VERS_TLS_1_2,
|
||||
1,
|
||||
0,
|
||||
1,
|
||||
1,
|
||||
$byte,
|
||||
@@ -378,7 +362,6 @@ sub add_frag_alert_filter
|
||||
TLSProxy::Record::RT_ALERT,
|
||||
TLSProxy::Record::VERS_TLS_1_2,
|
||||
1,
|
||||
0,
|
||||
1,
|
||||
1,
|
||||
$byte,
|
||||
@@ -413,7 +396,6 @@ sub add_unknown_record_type
|
||||
@{$records}[-1]->epoch(),
|
||||
@{$records}[-1]->seq() +1,
|
||||
1,
|
||||
0,
|
||||
1,
|
||||
1,
|
||||
"X",
|
||||
@@ -425,7 +407,6 @@ sub add_unknown_record_type
|
||||
TLSProxy::Record::RT_UNKNOWN,
|
||||
@{$records}[-1]->version(),
|
||||
1,
|
||||
0,
|
||||
1,
|
||||
1,
|
||||
"X",
|
||||
@@ -569,7 +550,6 @@ sub not_on_record_boundary
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
"",
|
||||
""
|
||||
);
|
||||
@@ -599,7 +579,6 @@ sub not_on_record_boundary
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
"",
|
||||
""
|
||||
);
|
||||
@@ -624,7 +603,6 @@ sub not_on_record_boundary
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
"",
|
||||
""
|
||||
);
|
||||
@@ -645,7 +623,6 @@ sub not_on_record_boundary
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
"",
|
||||
""
|
||||
);
|
||||
@@ -694,7 +671,6 @@ sub empty_app_data
|
||||
1,
|
||||
1,
|
||||
length($data),
|
||||
0,
|
||||
length($data),
|
||||
0,
|
||||
$data,
|
||||
|
||||
@@ -177,7 +177,6 @@ sub hrr_filter
|
||||
$hrr_record->content_type(),
|
||||
$hrr_record->version(),
|
||||
$hrr_record->len(),
|
||||
$hrr_record->sslv2(),
|
||||
$hrr_record->len_real(),
|
||||
$hrr_record->decrypt_len(),
|
||||
$hrr_record->data(),
|
||||
|
||||
@@ -121,7 +121,6 @@ sub get_records
|
||||
$epoch,
|
||||
$seq,
|
||||
$len,
|
||||
0,
|
||||
$len, # len_real
|
||||
$len, # decrypt_len
|
||||
$data, # data
|
||||
@@ -133,7 +132,6 @@ sub get_records
|
||||
$content_type,
|
||||
$version,
|
||||
$len,
|
||||
0,
|
||||
$len, # len_real
|
||||
$len, # decrypt_len
|
||||
$data, # data
|
||||
@@ -215,7 +213,6 @@ sub new_dtls
|
||||
$epoch,
|
||||
$seq,
|
||||
$len,
|
||||
$sslv2,
|
||||
$len_real,
|
||||
$decrypt_len,
|
||||
$data,
|
||||
@@ -227,7 +224,6 @@ sub new_dtls
|
||||
$epoch,
|
||||
$seq,
|
||||
$len,
|
||||
$sslv2,
|
||||
$len_real,
|
||||
$decrypt_len,
|
||||
$data,
|
||||
@@ -241,7 +237,6 @@ sub new
|
||||
$content_type,
|
||||
$version,
|
||||
$len,
|
||||
$sslv2,
|
||||
$len_real,
|
||||
$decrypt_len,
|
||||
$data,
|
||||
@@ -254,7 +249,6 @@ sub new
|
||||
0, #epoch
|
||||
0, #seq
|
||||
$len,
|
||||
$sslv2,
|
||||
$len_real,
|
||||
$decrypt_len,
|
||||
$data,
|
||||
@@ -271,7 +265,6 @@ sub init
|
||||
$epoch,
|
||||
$seq,
|
||||
$len,
|
||||
$sslv2,
|
||||
$len_real,
|
||||
$decrypt_len,
|
||||
$data,
|
||||
@@ -285,7 +278,6 @@ sub init
|
||||
epoch => $epoch,
|
||||
seq => $seq,
|
||||
len => $len,
|
||||
sslv2 => $sslv2,
|
||||
len_real => $len_real,
|
||||
decrypt_len => $decrypt_len,
|
||||
data => $data,
|
||||
@@ -388,27 +380,23 @@ sub reconstruct_record
|
||||
}
|
||||
$self->{sent} = 1;
|
||||
|
||||
if ($self->sslv2) {
|
||||
$data = pack('n', $self->len | 0x8000);
|
||||
if($self->{isdtls}) {
|
||||
my $seqhi = ($self->seq >> 32) & 0xffff;
|
||||
my $seqmi = ($self->seq >> 16) & 0xffff;
|
||||
my $seqlo = ($self->seq >> 0) & 0xffff;
|
||||
$data = pack('Cnnnnnn', $self->content_type, $self->version,
|
||||
$self->epoch, $seqhi, $seqmi, $seqlo, $self->len);
|
||||
} else {
|
||||
if($self->{isdtls}) {
|
||||
my $seqhi = ($self->seq >> 32) & 0xffff;
|
||||
my $seqmi = ($self->seq >> 16) & 0xffff;
|
||||
my $seqlo = ($self->seq >> 0) & 0xffff;
|
||||
$data = pack('Cnnnnnn', $self->content_type, $self->version,
|
||||
$self->epoch, $seqhi, $seqmi, $seqlo, $self->len);
|
||||
} else {
|
||||
if (TLSProxy::Proxy->is_tls13() && $self->encrypted) {
|
||||
$data = pack('Cnn', $self->outer_content_type, $self->version,
|
||||
$self->len);
|
||||
}
|
||||
else {
|
||||
$data = pack('Cnn', $self->content_type, $self->version,
|
||||
$self->len);
|
||||
}
|
||||
if (TLSProxy::Proxy->is_tls13() && $self->encrypted) {
|
||||
$data = pack('Cnn', $self->outer_content_type, $self->version,
|
||||
$self->len);
|
||||
}
|
||||
else {
|
||||
$data = pack('Cnn', $self->content_type, $self->version,
|
||||
$self->len);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$data .= $self->data;
|
||||
|
||||
return $data;
|
||||
@@ -420,11 +408,6 @@ sub flight
|
||||
my $self = shift;
|
||||
return $self->{flight};
|
||||
}
|
||||
sub sslv2
|
||||
{
|
||||
my $self = shift;
|
||||
return $self->{sslv2};
|
||||
}
|
||||
sub len_real
|
||||
{
|
||||
my $self = shift;
|
||||
|
||||
Reference in New Issue
Block a user