docs: add rfc citations (#4202)
toidiu authored Sep 20, 2023
1 parent 9d1e6c8 commit fef3e5a
Showing 3 changed files with 23 additions and 6 deletions.
2 changes: 2 additions & 0 deletions compliance/initialize_duvet.sh
Expand Up @@ -7,4 +7,6 @@ duvet extract https://tools.ietf.org/rfc/rfc8448 # Example Handshake Traces for
duvet extract https://tools.ietf.org/rfc/rfc7627 # Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
duvet extract https://tools.ietf.org/rfc/rfc5746 # Transport Layer Security (TLS) Renegotiation Indication Extension
duvet extract https://tools.ietf.org/rfc/rfc4492 # Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
duvet extract https://tools.ietf.org/rfc/rfc8422 # Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier


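--- a/tls/extensions/s2n_ec_point_format.c
+++ b/tls/extensions/s2n_ec_point_format.c
@@ -64,9 +64,17 @@ static int s2n_ec_point_format_send(struct s2n_connection *conn, struct s2n_stuf
 
 static int s2n_ec_point_format_recv(struct s2n_connection *conn, struct s2n_stuffer *extension)
 {
-/**
-* Only uncompressed points are supported by the server and the client must include it in
+/* Only uncompressed points are supported by the server and the client must include it in
 * the extension. Just skip the extension.
+*
+*= https://tools.ietf.org/rfc/rfc8422#section-5.1.2
+*= type=exception
+*= reason=Incorrect implementations exist in the wild. Skipping validation.
+*# If the client sends the extension and the extension does not contain
+*# the uncompressed point format, and the client has used the Supported
+*# Groups extension to indicate support for any of the curves defined in
+*# this specification, then the server MUST abort the handshake and
+*# return an illegal_parameter alert.
 */
 conn->ec_point_formats = 1;
 return S2N_SUCCESS;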
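Review bot: The exception recorded in the comment above `conn->ec_point_formats = 1;` gives only "Incorrect implementations exist in the wild" as its reason, which does not say why ignoring the RFC 8422 MUST is safe here. The comment's first sentence suggests the argument (the server supports only uncompressed points), so I would make it explicit, for example `* The list is never parsed: the server only sends uncompressed points, so a client that cannot accept them fails on its own side.` The author should confirm that wording, since the send path is not in this hunk. Naming the client implementations or a tracking issue would also let someone revisit the exception later. The body of s2n_ec_point_format_recv continues past the end of the hunk.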
15 changes: 11 additions & 4 deletions tls/s2n_record_read.c
Expand Up @@ -106,12 +106,19 @@ int s2n_record_header_parse(
S2N_ERROR_IF(conn->actual_protocol_version_established && MIN(conn->actual_protocol_version, S2N_TLS12) /* check against legacy record version (1.2) in tls 1.3 */
!= version,
S2N_ERR_BAD_MESSAGE);
POSIX_GUARD(s2n_stuffer_read_uint16(in, fragment_length));

/* Some servers send fragments that are above the maximum length. (e.g.
* Openssl 1.0.1, so we don't check if the fragment length is >
* S2N_TLS_MAXIMUM_FRAGMENT_LENGTH. The on-the-wire max is 65k
/* Some servers send fragments that are above the maximum length (e.g.
* Openssl 1.0.1), so we don't check if the fragment length is >
* S2N_TLS_MAXIMUM_FRAGMENT_LENGTH. We allow up to 2^16.
*
*= https://tools.ietf.org/rfc/rfc8446#section-5.1
*= type=exception
*= reason=Incorrect implementations exist in the wild. Ignoring instead.
*# The length MUST NOT exceed 2^14 bytes. An
*# endpoint that receives a record that exceeds this length MUST
*# terminate the connection with a "record_overflow" alert.
*/
POSIX_GUARD(s2n_stuffer_read_uint16(in, fragment_length));
POSIX_GUARD(s2n_stuffer_reread(in));

return 0;
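Review bot: The exception cites RFC 8446 section 5.1, but the justification in the comment is about legacy servers (Openssl 1.0.1), and nothing visible in this hunk limits the skipped check to those connections. As written it reads as applying to every protocol version, and to records received in server mode too. I would say so in the comment and state what bounds the length instead, e.g. `* The only bound applied here is the 16-bit length field (at most 2^16 - 1 bytes); this holds for all protocol versions and for both client and server mode.` That needs confirming against the rest of s2n_record_header_parse, which starts before the hunk. The suggested wording also corrects "up to 2^16", a value a uint16 cannot reach.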
