
RT4304: Look for plaintext HTTP

Reviewed-by: Richard Levitte <levitte@openssl.org>
Rainer Jung 8 years ago
parent
commit
124f6ff4c2
1 changed files with 15 additions and 0 deletions
  1. 15 0
      ssl/record/ssl3_record.c

+ 15 - 0
ssl/record/ssl3_record.c

@@ -274,6 +274,21 @@ int ssl3_get_record(SSL *s)
             }
 
             if ((version >> 8) != SSL3_VERSION_MAJOR) {
+                if (s->first_packet) {
+                    /* Go back to start of packet, look at the five bytes
+                     * that we have. */
+                    p = RECORD_LAYER_get_packet(&s->rlayer);
+                    if (strncmp((char *)p, "GET ", 4) == 0 ||
+                        strncmp((char *)p, "POST ", 5) == 0 ||
+                        strncmp((char *)p, "HEAD ", 5) == 0 ||
+                        strncmp((char *)p, "PUT ", 4) == 0) {
+                        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_HTTP_REQUEST);
+                        goto err;
+                    } else if (strncmp((char *)p, "CONNE", 5) == 0) {
+                        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_HTTPS_PROXY_REQUEST);
+                        goto err;
+                    }
+                }
                 SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
                 goto err;
             }
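Review bot: The four `strncmp` calls and the `CONNE` check in the added block treat the raw record buffer as a C string through `(char *)p`. These are wire bytes, not a NUL-terminated string, so `memcmp(p, "GET ", 4) == 0` (and likewise for the others) would state the intent directly and would not rely on `strncmp` stopping at a zero byte. The comparisons stay within five bytes, which the comment says are available, but nothing visible in the hunk ties that to the record header already having been read; a comment such as `/* safe: the 5-byte record header is already in the packet buffer */` would pin that invariant, to be confirmed against the read above the hunk. Methods other than the four listed (for example DELETE or OPTIONS) still fall through to `SSL_R_WRONG_VERSION_NUMBER`, and the comment should say so, so that anyone triaging logs does not read the absence of `SSL_R_HTTP_REQUEST` as proof the peer spoke TLS. The body of ssl3_get_record starts and ends outside the hunk.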