From b575b54cb9fc211b5fc03bff36d62fa138ca9d98 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 24 Oct 2014 15:12:31 +0200
Subject: [PATCH] Forbid extended master secret with SSLv3
---
 library/ssl_cli.c | 4 +++-
 library/ssl_srv.c | 8 ++++++--
 tests/ssl-opt.sh | 22 ++++++++++++++++++++++
 3 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index d7b16b8553..c40d62ec0a 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -365,7 +365,8 @@ static void ssl_write_extended_ms_ext( ssl_context *ssl,
 {
 unsigned char *p = buf;
- if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED )
+ if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED ||
+ ssl->max_minor_ver == SSL_MINOR_VERSION_0 )
 {
 *olen = 0;
 return;
@@ -816,6 +817,7 @@ static int ssl_parse_extended_ms_ext( ssl_context *ssl,
 size_t len )
 {
 if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED ||
+ ssl->minor_ver == SSL_MINOR_VERSION_0 ||
 len != 0 )
 {
 return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f65338edc8..ad67c2215e 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -648,8 +648,11 @@ static int ssl_parse_extended_ms_ext( ssl_context *ssl,
 ((void) buf);
- if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED )
+ if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED &&
+ ssl->minor_ver != SSL_MINOR_VERSION_0 )
+ {
 ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED;
+ }
 return( 0 );
 }
@@ -1686,7 +1689,8 @@ static void ssl_write_extended_ms_ext( ssl_context *ssl,
 {
 unsigned char *p = buf;
- if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED )
+ if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED ||
+ ssl->minor_ver == SSL_MINOR_VERSION_0 )
 {
 *olen = 0;
 return;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index eeac11bc89..38bc89b7a9 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
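Review bot: The added test in the client's ssl_write_extended_ms_ext() (hunk at -365) reads `ssl->max_minor_ver`, while the other three checks in this commit read `ssl->minor_ver`, and nothing in the hunk says why. Presumably the version is not yet negotiated when the ClientHello is written, so the extension can only be withheld when SSLv3 is the highest version offered; a client whose range merely includes SSLv3 still sends it and depends on the ServerHello check in the next hunk. I would record that above the condition: `/* Version not negotiated yet: skip only if SSLv3 is the most we offer; the ServerHello parser rejects the extension under SSLv3 */`. The function body continues past the end of the hunk.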
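Review bot: The rejection branch in the client's ssl_parse_extended_ms_ext() (hunk at -816) now covers three different causes (extension not enabled locally, SSLv3 negotiated, non-empty payload) and returns `POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO` with no debug output, so a server that echoes the extension under SSLv3 cannot be told apart in logs from a malformed extension. A line such as `SSL_DEBUG_MSG( 1, ( "non-matching extended master secret extension" ) );` before the return would make the failure diagnosable. No alert is sent from this branch either; whether the caller sends one is not visible here. The function starts above the hunk and its closing brace lies below it.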
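Review bot: In the server's ssl_parse_extended_ms_ext() (hunk at -648) the extension is now declined under SSLv3 without this function recording why, so the session falls back to the legacy master secret computation and the only evidence is the absence of a later debug line. A short message in the declined case, e.g. `if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) SSL_DEBUG_MSG( 3, ( "extended master secret ignored with SSLv3" ) );`, would let operators see it. The check also assumes `ssl->minor_ver` already holds the negotiated version when ClientHello extensions are parsed; that ordering is outside the hunk and worth confirming. A comment stating that deployments relying on the extension must not allow SSLv3 at all would be a useful caveat here. The function begins above the hunk.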
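Review bot: The added `ssl->minor_ver == SSL_MINOR_VERSION_0` test in the server's ssl_write_extended_ms_ext() (hunk at -1686) looks redundant with the parse-side guard at -648, which already keeps `ssl->handshake->extended_ms` from being enabled under SSLv3. If it is meant as defence in depth, say so in a comment, e.g. `/* never advertise with SSLv3, even if handshake state says enabled */`. If `handshake->extended_ms` can be set on another path, the key derivation code (not shown) would presumably need the same version test so that both peers agree on how the master secret is computed. The function body continues outside the hunk.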
@@ -475,6 +475,28 @@ run_test "Extended Master Secret: client disabled, server enabled" \
 -C "using extended master secret" \
 -S "using extended master secret"
+run_test "Extended Master Secret: client SSLv3, server enabled" \
+ "$P_SRV debug_level=3" \
+ "$P_CLI debug_level=3 force_version=ssl3" \
+ 0 \
+ -C "client hello, adding extended_master_secret extension" \
+ -S "found extended master secret extension" \
+ -S "server hello, adding extended master secret extension" \
+ -C "found extended_master_secret extension" \
+ -C "using extended master secret" \
+ -S "using extended master secret"
+
+run_test "Extended Master Secret: client enabled, server SSLv3" \
+ "$P_SRV debug_level=3 force_version=ssl3" \
+ "$P_CLI debug_level=3" \
+ 0 \
+ -c "client hello, adding extended_master_secret extension" \
+ -s "found extended master secret extension" \
+ -S "server hello, adding extended master secret extension" \
+ -C "found extended_master_secret extension" \
+ -C "using extended master secret" \
+ -S "using extended master secret"
+
 # Tests for FALLBACK_SCSV
 run_test "Fallback SCSV: default" \
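Review bot: Neither new case exercises the client-side rejection added in ssl_cli.c (the `ssl->minor_ver == SSL_MINOR_VERSION_0` test in ssl_parse_extended_ms_ext). Both expect exit code 0 and only assert that the extension is absent, and the `-S "server hello, adding extended master secret extension"` assertions show the test server never echoes it under SSLv3. That error path therefore stays untested; if the harness cannot produce such a ServerHello, a comment above these cases would keep the gap visible, e.g. `# not covered: client rejecting the extension in an SSLv3 ServerHello`. A second comment noting that a pass here means the session used the legacy master secret computation would help readers interpret the result.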