Commit 6efd143c authored by Martin Thomson's avatar Martin Thomson

Bug 1520459 - Send decode_error for padded record_size_limit extension, r=jcj

Summary: This is all I plan to do for this bug.

Reviewers: jcj

Tags: #secure-revision

Bug #: 1520459

Differential Revision: https://phabricator.services.mozilla.com/D19576

--HG--
extra : amend_source : cbc830e8861fb691b0500b773a96b8dc24db4fab
parent dfb61332
......@@ -397,6 +397,16 @@ TEST_P(TlsConnectGeneric, RecordSizeServerExtensionInvalid) {
ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
}
TEST_P(TlsConnectGeneric, RecordSizeServerExtensionExtra) {
EnsureTlsSetup();
server_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000);
static const uint8_t v[] = {0x01, 0x00, 0x00};
auto replace = MakeTlsFilter<TlsExtensionReplacer>(
server_, ssl_record_size_limit_xtn, DataBuffer(v, sizeof(v)));
replace->EnableDecryption();
ConnectExpectAlert(client_, kTlsAlertDecodeError);
}
class RecordSizeDefaultsTest : public ::testing::Test {
public:
void SetUp() {
......
......@@ -1927,7 +1927,7 @@ ssl_HandleRecordSizeLimitXtn(const sslSocket *ss, TLSExtensionData *xtnData,
return SECFailure;
}
if (data->len != 0 || limit < 64) {
ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
ssl3_ExtSendAlert(ss, alert_fatal, decode_error);
PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE);
return SECFailure;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment