Merge branch 'maint'

Conflicts: OTP_VERSION
author: Ingela Anderton Andin <[email protected]> 2017-11-23 17:07:08 +0100
committer: Ingela Anderton Andin <[email protected]> 2017-11-23 17:07:08 +0100
commit: 6a51514556328dcc56de8f2b75eae01b18b96637 (patch)
tree: e22dac4c9e289a29646838b1406d144d915ea31a /lib/ssl/src
parent: 754afa1d10e32d2e50d0a8b5ddf316037ba9d6fc (diff)
parent: a453532fe31eecd8c39b5035702ee20b402fd687 (diff)
download: otp-6a51514556328dcc56de8f2b75eae01b18b96637.tar.gz
otp-6a51514556328dcc56de8f2b75eae01b18b96637.tar.bz2
otp-6a51514556328dcc56de8f2b75eae01b18b96637.zip
5 files changed, 22 insertions, 4 deletions
diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl
index eed49ca090..1907b67690 100644
--- a/lib/ssl/src/dtls_connection.erl
+++ b/lib/ssl/src/dtls_connection.erl
@@ -461,7 +461,6 @@ init({call, _} = Type, Event, #state{role = server} = State) ->
     ssl_connection:?FUNCTION_NAME(Type, Event, State#state{flight_state = reliable}, ?MODULE);
 init(Type, Event, State) ->
     ssl_connection:?FUNCTION_NAME(Type, Event, State, ?MODULE).
-
 %%--------------------------------------------------------------------
 -spec error(gen_statem:event_type(),
 	   {start, timeout()} | term(), #state{}) ->
@@ -596,6 +595,7 @@ abbreviated(state_timeout, Event, State) ->
     handle_state_timeout(Event, ?FUNCTION_NAME, State);
 abbreviated(Type, Event, State) ->
     ssl_connection:?FUNCTION_NAME(Type, Event, State, ?MODULE).
+
 %%--------------------------------------------------------------------
 -spec certify(gen_statem:event_type(), term(), #state{}) ->
 		     gen_statem:state_function_result().
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 79485833e0..414b181078 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1541,8 +1541,25 @@ server_certify_and_key_exchange(State0, Connection) ->
     request_client_cert(State2, Connection).
 
 certify_client_key_exchange(#encrypted_premaster_secret{premaster_secret= EncPMS},
-			    #state{private_key = Key} = State, Connection) ->
-    PremasterSecret = ssl_handshake:premaster_secret(EncPMS, Key),
+			    #state{private_key = Key, client_hello_version = {Major, Minor} = Version} = State, Connection) ->
+
+    %% Countermeasure for Bleichenbacher attack always provide some kind of premaster secret
+    %% and fail handshake later.RFC 5246 section 7.4.7.1.
+    PremasterSecret =
+        try ssl_handshake:premaster_secret(EncPMS, Key) of
+            Secret when erlang:byte_size(Secret) == ?NUM_OF_PREMASTERSECRET_BYTES ->
+                case Secret of
+                    <<?BYTE(Major), ?BYTE(Minor), _/binary>> -> %% Correct
+                        Secret;
+                    <<?BYTE(_), ?BYTE(_), Rest/binary>> -> %% Version mismatch
+                        <<?BYTE(Major), ?BYTE(Minor), Rest/binary>>
+                end;
+            _ -> %% erlang:byte_size(Secret) =/= ?NUM_OF_PREMASTERSECRET_BYTES
+                make_premaster_secret(Version, rsa)
+        catch 
+            #alert{description = ?DECRYPT_ERROR} ->
+                make_premaster_secret(Version, rsa)     
+        end,        
     calculate_master_secret(PremasterSecret, State, Connection, certify, cipher);
 certify_client_key_exchange(#client_diffie_hellman_public{dh_public = ClientPublicDhKey},
 			    #state{diffie_hellman_params = #'DHParameter'{} = Params,
diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index 3e26f67de1..f9d2149170 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -57,6 +57,7 @@
 	  session_cache_cb      :: atom(),
 	  crl_db                :: term(), 
           negotiated_version    :: ssl_record:ssl_version() | 'undefined',
+          client_hello_version  :: ssl_record:ssl_version() | 'undefined',
           client_certificate_requested = false :: boolean(),
 	  key_algorithm         :: ssl_cipher:key_algo(),
 	  hashsign_algorithm = {undefined, undefined},
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 1560340ccf..24f3a97b9b 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -1224,7 +1224,6 @@ certificate_authorities_from_db(_CertDbHandle, {extracted, CertDbData}) ->
 		[], CertDbData).
 
 %%-------------Handle handshake messages --------------------------------
-
 validation_fun_and_state({Fun, UserState0}, Role,  CertDbHandle, CertDbRef, 
                          ServerNameIndication, CRLCheck, CRLDbHandle, CertPath) ->
     {fun(OtpCert, {extension, _} = Extension, {SslState, UserState}) ->
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index 43422fab8d..a43e0ac56e 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
@@ -476,6 +476,7 @@ hello(internal, #client_hello{client_version = ClientVersion} = Hello,
 	    gen_handshake(ssl_connection, hello, internal, {common_client_hello, Type, ServerHelloExt},
 				 State#state{connection_states  = ConnectionStates,
 					     negotiated_version = Version,
+                                             client_hello_version = ClientVersion,
 					     hashsign_algorithm = HashSign,
 					     session = Session,
 					     negotiated_protocol = Protocol})
author	Ingela Anderton Andin <[email protected]>	2017-11-23 17:07:08 +0100
committer	Ingela Anderton Andin <[email protected]>	2017-11-23 17:07:08 +0100
commit	6a51514556328dcc56de8f2b75eae01b18b96637 (patch)
tree	e22dac4c9e289a29646838b1406d144d915ea31a /lib/ssl/src
parent	754afa1d10e32d2e50d0a8b5ddf316037ba9d6fc (diff)
parent	a453532fe31eecd8c39b5035702ee20b402fd687 (diff)
download	otp-6a51514556328dcc56de8f2b75eae01b18b96637.tar.gz otp-6a51514556328dcc56de8f2b75eae01b18b96637.tar.bz2 otp-6a51514556328dcc56de8f2b75eae01b18b96637.zip