Merge pull request #1177 from ronald-cron-arm/tls-max-version-reset

Properly reset the TLS maximum negotiable version
Janos Follath 2024-02-09 16:04:59 +00:00 committed by GitHub
commit ad736991bb
GPG Key ID: B5690EEEBB952194
3 changed files with 31 additions and 0 deletions


@ -0,0 +1,6 @@
Security
* Restore the maximum TLS version to be negotiated to the configured one
when an SSL context is reset with the mbedtls_ssl_session_reset() API.
An attacker was able to prevent an Mbed TLS server from establishing any
TLS 1.3 connection potentially resulting in a Denial of Service or forced
version downgrade from TLS 1.3 to TLS 1.2. Fixes #8654 reported by hey3e.


@ -1540,6 +1540,7 @@ int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial)
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
ssl->tls_version = ssl->conf->max_tls_version;
mbedtls_ssl_session_reset_msg_layer(ssl, partial);
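Review bot: The new line `ssl->tls_version = ssl->conf->max_tls_version;` carries no comment although it is the entire security fix: a context whose previous handshake settled on TLS 1.2 would otherwise keep that lowered ceiling on the next handshake and never offer TLS 1.3 again. A why-comment above it would keep that from being "simplified" away later, e.g. `/* Restore the configured version ceiling: a previous handshake may have lowered tls_version, and a reused context must not stay pinned to that version (see #8654). */`. The rendered hunk shows only four of the seven new-side lines, so the placement relative to the rest of the reset sequence cannot be confirmed here; it is presumably fine as long as nothing between the function header and this line reads tls_version. mbedtls_ssl_session_reset_int begins and ends outside the hunk.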


@ -11700,6 +11700,30 @@ run_test "TLS 1.3: Default" \
-s "ECDH/FFDH group: " \
-s "selected signature algorithm ecdsa_secp256r1_sha256"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Establish TLS 1.2 then TLS 1.3 session" \
"$P_SRV" \
"( $P_CLI force_version=tls12; \
$P_CLI force_version=tls13 )" \
0 \
-s "Protocol is TLSv1.2" \
-s "Protocol is TLSv1.3" \
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Establish TLS 1.3 then TLS 1.2 session" \
"$P_SRV" \
"( $P_CLI force_version=tls13; \
$P_CLI force_version=tls12 )" \
0 \
-s "Protocol is TLSv1.3" \
-s "Protocol is TLSv1.2" \
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
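Review bot: The final `-s` argument of each new test, `-s "Protocol is TLSv1.3" \` and `-s "Protocol is TLSv1.2" \`, ends with a line-continuation backslash, whereas the preceding "TLS 1.3: Default" test ends its argument list without one; the command only terminates because the next line is blank (the rendering appears to have dropped those blank lines), so reflowing or removing a blank line would silently fold the following `requires_config_enabled` into run_test's arguments. Drop the trailing backslash on both lines. Separately, these tests only exercise the fix if ssl_server2 presumably reuses a single context across the two client connections through mbedtls_ssl_session_reset(); a one-line comment above each run_test, e.g. `# Regression test for #8654: relies on the server reusing its context via mbedtls_ssl_session_reset()`, would keep that dependency visible if the server harness ever changes.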