diff options
author | Andy Polyakov <appro@openssl.org> | 2007-10-09 19:22:01 +0000 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2007-10-09 19:22:01 +0000 |
commit | 91d509f0d9e1dc070767eef3e3869d4bbb01e752 (patch) | |
tree | bfe02d2af199f5c5c481855d2bd27a5f4cc8b32a | |
parent | d5e858c55f4a4f9ec2b27896e839dffd2edc1578 (diff) | |
download | openssl-91d509f0d9e1dc070767eef3e3869d4bbb01e752.tar.gz |
Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
twist: server interoperates with non-compliant pre-0.9.8f client.
-rw-r--r-- | ssl/t1_enc.c | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 68448b98ca..ed5a4a7255 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -738,15 +738,35 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) md_size=EVP_MD_size(hash); buf[0]=rec->type; - buf[1]=TLS1_VERSION_MAJOR; - buf[2]=TLS1_VERSION_MINOR; + if (ssl->version == DTLS1_VERSION && ssl->client_version == DTLS1_BAD_VER) + { + buf[1]=TLS1_VERSION_MAJOR; + buf[2]=TLS1_VERSION_MINOR; + } + else { + buf[1]=(unsigned char)(ssl->version>>8); + buf[2]=(unsigned char)(ssl->version); + } + buf[3]=rec->length>>8; buf[4]=rec->length&0xff; /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ HMAC_CTX_init(&hmac); HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL); - HMAC_Update(&hmac,seq,8); + + if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER) + { + unsigned char dtlsseq[8],*p=dtlsseq; + + s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p); + memcpy (p,&seq[2],6); + + HMAC_Update(&hmac,dtlsseq,8); + } + else + HMAC_Update(&hmac,seq,8); + HMAC_Update(&hmac,buf,5); HMAC_Update(&hmac,rec->input,rec->length); HMAC_Final(&hmac,md,&md_size); @@ -763,8 +783,8 @@ printf("rec="); {unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); } #endif - if ( SSL_version(ssl) != DTLS1_VERSION) - { + if ( SSL_version(ssl) != DTLS1_VERSION) + { for (i=7; i>=0; i--) { ++seq[i]; |