Skip to content

Commit

Permalink
supported groups extension with invalid length
Browse files Browse the repository at this point in the history
  • Loading branch information
tomato42 committed Aug 27, 2016
1 parent 7f22c8d commit 0b5654d
Show file tree
Hide file tree
Showing 3 changed files with 90 additions and 1 deletion.
5 changes: 4 additions & 1 deletion prober.py
Original file line number Diff line number Diff line change
Expand Up @@ -194,7 +194,10 @@
SupportedGroupsNull12PFS(),
SupportedGroupsOddLen(),
SupportedGroupsOddLen12(),
SupportedGroupsOddLen12PFS()
SupportedGroupsOddLen12PFS(),
SupportedGroupsOverflow(),
SupportedGroupsOverflow12(),
SupportedGroupsOverflow12PFS()
]

def probe(ipaddress, port, starttls, specified_probe):
Expand Down
21 changes: 21 additions & 0 deletions probes.py
Original file line number Diff line number Diff line change
Expand Up @@ -1798,3 +1798,24 @@ class SupportedGroupsOddLen12(SupportedGroupsOddLen, NormalHandshake12):
class SupportedGroupsOddLen12PFS(SupportedGroupsOddLen, NormalHandshake12PFS):
'''As with SupportedGroupsOddLen but in PFS TLSv1.2 hello'''
pass


class SupportedGroupsOverflow(SupportedGroupsNull):
'''Send supported groups extension with length larger than data'''

def test(self, sock):
logging.debug('Sending Client Hello...')
# normal extension has a two byte length and two byte elements,
# truncate the whole second element
sock.write(self.make_supported_groups_hello(b'\x00\x04\x00\x17'))


class SupportedGroupsOverflow12(SupportedGroupsOverflow, NormalHandshake12):
'''As with SupportedGroupsOverflow but in TLSv1.2 hello'''
pass


class SupportedGroupsOverflow12PFS(SupportedGroupsOverflow,
NormalHandshake12PFS):
'''As with SupportedGroupsOverflow but in PFS TLSv1.2 hello'''
pass
65 changes: 65 additions & 0 deletions tests/test_probes.py
Original file line number Diff line number Diff line change
Expand Up @@ -3643,3 +3643,68 @@ def test_test(self):
b'\x00\x09'
b'\x00\x0a\x00\x05'
b'\x00\x03\x00\x17\x00'])


class TestSupportedGroupsOverflow(unittest.TestCase):
def test_test(self):
probe = SupportedGroupsOverflow()
sock = MockSock()

probe.test(sock)

self.maxDiff = None
self.assertEqual(sock.sent_data,
[b'\x16\x03\x01\x00C'
b'\x01\x00\x00?'
b'\x03\x01' +
RANDOM_STR +
b'\x00'
b'\x00\x0e' +
DEFAULT_CIPHERS_STR +
b'\x01\x00'
b'\x00\x08'
b'\x00\x0a\x00\x04'
b'\x00\x04\x00\x17'])


class TestSupportedGroupsOverflow12(unittest.TestCase):
def test_test(self):
probe = SupportedGroupsOverflow12()
sock = MockSock()

probe.test(sock)

self.assertEqual(sock.sent_data,
[b'\x16\x03\x01\x00['
b'\x01\x00\x00W'
b'\x03\x03' +
RANDOM_STR +
b'\x00'
b'\x00&' +
DEFAULT_12_CIPHERS_STR +
b'\x01\x00'
b'\x00\x08'
b'\x00\x0a\x00\x04'
b'\x00\x04\x00\x17'])


class TestSupportedGroupsOverflow12PFS(unittest.TestCase):
def test_test(self):
probe = SupportedGroupsOverflow12PFS()
sock = MockSock()

probe.test(sock)

self.maxDiff = None
self.assertEqual(sock.sent_data,
[b"\x16\x03\x01\x00\x93"
b"\x01\x00\x00\x8f"
b"\x03\x03" +
RANDOM_STR +
b"\x00"
b"\x00^" +
DEFAULT_PFS_CIPHERS_STR +
b"\x01\x00"
b'\x00\x08'
b'\x00\x0a\x00\x04'
b'\x00\x04\x00\x17'])

0 comments on commit 0b5654d

Please sign in to comment.