aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: improve versions extension logic

Browse Source 
Skip over unusable versions like GREASE.
pull/7896/head
Victor Julien 3 years ago
parent 599791fa33
commit c028800ae1
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File

13
src/app-layer-ssl.c
Unescape Escape View File

@ -1016,8 +1016,17 @@ static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state
if (!(HAS_SPACE(supported_ver_len)))
goto invalid_length;
/* Use the first (and prefered) version as client version */
ssl_state->curr_connp->version = (uint16_t)(*input << 8) | *(input + 1);
/* Use the first (and prefered) valid version as client version,
* skip over GREASE and other possible noise. */
uint16_t i = 0;
while (i < (uint16_t)supported_ver_len) {
uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
if (TLSVersionValid(ver)) {
ssl_state->curr_connp->version = ver;
break;
}
i += 2;
}
/* Set a flag to indicate that we have seen this extension */
ssl_state->flags |= SSL_AL_FLAG_CH_VERSION_EXTENSION;

Write Preview
Loading…
Cancel
Save