Guest User

Untitled

a guest
Apr 7th, 2014
12,249
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. $ diff -r openssl-1.0.1f/ssl/t1_lib.c openssl-1.0.1g/ssl/t1_lib.c
  2.  
  3.  
  4.  
  5. #ifndef OPENSSL_NO_HEARTBEATS #ifndef OPENSSL_NO_HEARTBEATS
  6. int int
  7. tls1_process_heartbeat(SSL *s) tls1_process_heartbeat(SSL *s)
  8. { {
  9. unsigned char *p = &s->s3->rrec.data[0], *pl; unsigned char *p = &s->s3->rrec.data[0], *pl;
  10. unsigned short hbtype; unsigned short hbtype;
  11. unsigned int payload; unsigned int payload;
  12. unsigned int padding = 16; /* Use minimum padding */ unsigned int padding = 16; /* Use minimum padding */
  13.  
  14. /* Read type and payload length first */ <
  15. hbtype = *p++; <
  16. n2s(p, payload); <
  17. pl = p; <
  18. <
  19. if (s->msg_callback) if (s->msg_callback)
  20. s->msg_callback(0, s->version, TLS1_RT_HEARTB s->msg_callback(0, s->version, TLS1_RT_HEARTB
  21. &s->s3->rrec.data[0], s->s3->rrec.len &s->s3->rrec.data[0], s->s3->rrec.len
  22. s, s->msg_callback_arg); s, s->msg_callback_arg);
  23.  
  24. > /* Read type and payload length first */
  25. > if (1 + 2 + 16 > s->s3->rrec.length)
  26. > return 0; /* silently discard */
  27. > hbtype = *p++;
  28. > n2s(p, payload);
  29. > if (1 + 2 + payload + 16 > s->s3->rrec.length)
  30. > return 0; /* silently discard per RFC 6520 se
  31. > pl = p;
  32. >
  33. if (hbtype == TLS1_HB_REQUEST) if (hbtype == TLS1_HB_REQUEST)
  34. { {
  35. unsigned char *buffer, *bp; unsigned char *buffer, *bp;
  36. int r; int r;
  37.  
  38. /* Allocate memory for the response, size is /* Allocate memory for the response, size is
  39. * message type, plus 2 bytes payload length, * message type, plus 2 bytes payload length,
  40. * payload, plus padding * payload, plus padding
  41. */ */
  42. buffer = OPENSSL_malloc(1 + 2 + payload + pad buffer = OPENSSL_malloc(1 + 2 + payload + pad
  43. bp = buffer; bp = buffer;
  44.  
  45. /* Enter response type, length and copy paylo /* Enter response type, length and copy paylo
  46. *bp++ = TLS1_HB_RESPONSE; *bp++ = TLS1_HB_RESPONSE;
  47. s2n(payload, bp); s2n(payload, bp);
  48. memcpy(bp, pl, payload); memcpy(bp, pl, payload);
  49. bp += payload; bp += payload;
  50. /* Random padding */ /* Random padding */
  51. RAND_pseudo_bytes(bp, padding); RAND_pseudo_bytes(bp, padding);
  52.  
  53. r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, bu r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, bu
  54.  
  55. if (r >= 0 && s->msg_callback) if (r >= 0 && s->msg_callback)
  56. s->msg_callback(1, s->version, TLS1_R s->msg_callback(1, s->version, TLS1_R
  57. buffer, 3 + payload + padding buffer, 3 + payload + padding
  58. s, s->msg_callback_arg); s, s->msg_callback_arg);
  59.  
  60. OPENSSL_free(buffer); OPENSSL_free(buffer);
  61.  
  62. if (r < 0) if (r < 0)
  63. return r; return r;
  64. } }
  65. else if (hbtype == TLS1_HB_RESPONSE) else if (hbtype == TLS1_HB_RESPONSE)
  66. { {
  67. unsigned int seq; unsigned int seq;
  68.  
  69. /* We only send sequence numbers (2 bytes uns /* We only send sequence numbers (2 bytes uns
  70. * and 16 random bytes, so we just try to rea * and 16 random bytes, so we just try to rea
  71. * sequence number */ * sequence number */
  72. n2s(pl, seq); n2s(pl, seq);
  73.  
  74. if (payload == 18 && seq == s->tlsext_hb_seq) if (payload == 18 && seq == s->tlsext_hb_seq)
  75. { {
  76. s->tlsext_hb_seq++; s->tlsext_hb_seq++;
  77. s->tlsext_hb_pending = 0; s->tlsext_hb_pending = 0;
  78. } }
  79. } }
  80.  
  81. return 0; return 0;
  82. } }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×