+Sat Nov 16 13:14:45 EET 20022 Pekka Riikonen <priikone@silcnet.org>
+
+ * Fixed the KE Start Payload parsing to check that mandatory
+ fields are present. Affected file lib/silcske/payload.c.
+
+ * Fixed compilation warnigs in Irssi SILC Client. Affected
+ files are irssi/src/silc/core/silc-query.c. client_ops.c.
+
Thu Nov 14 19:33:28 CET 2002 Jochen Eisinger <c0ffee@penguin-breeder.org>
* Print "nick now appears as newnick" and update Irssi's nicklist
when you change your nick to "nick". Closes #62
+
* Never format your own nick. Closes #63
Thu Nov 14 09:44:54 CET 2002 Jochen Eisinger <c0ffee@penguin-breeder.org>
o Cookie (16 bytes) - Cookie that randomize this payload so
that each of the party cannot determine the payload before
- hand.
+ hand. This field MUST be present.
o Version String Length (2 bytes) - The length of the Version
String field, not including any other field.
the sender of this payload. Initiator sets this when sending
the payload and responder sets this when it replies by sending
this payload. See [SILC1] for definition of the version
- string format.
+ string format. This field MUST be present and include valid
+ version string.
o Key Exchange Grp Length (2 bytes) - The length of the
key exchange group list, not including any other field.
o Key Exchange Group (variable length) - The list of
key exchange groups. See the section 2.4 SILC Key Exchange
- Groups for definitions of these groups.
+ Groups for definitions of these groups. This field MUST
+ be present.
o PKCS Alg Length (2 bytes) - The length of the PKCS algorithms
list, not including any other field.
o PKCS Algorithms (variable length) - The list of PKCS
- algorithms.
+ algorithms. This field MUST be present.
o Encryption Alg Length (2 bytes) - The length of the encryption
algorithms list, not including any other field.
o Encryption Algorithms (variable length) - The list of
- encryption algorithms.
+ encryption algorithms. This field MUST be present.
o Hash Alg Length (2 bytes) - The length of the Hash algorithm
list, not including any other field.
o Hash Algorithms (variable length) - The list of Hash
algorithms. The hash algorithms are mainly used in the
- SKE protocol.
+ SKE protocol. This field MUST be present.
o HMAC Length (2 bytes) - The length of the HMAC list, not
including any other field.
o HMACs (variable length) - The list of HMACs. The HMAC's
are used to compute the Message Authentication Codes (MAC)
- of the SILC packets.
+ of the SILC packets. This field MUST be present.
o Compression Alg Length (2 bytes) - The length of the
compression algorithms list, not including any other field.
o Compression Algorithms (variable length) - The list of
- compression algorithms.
+ compression algorithms. This field MAY be omitted.
.in 3
goto err;
}
+ /* Check for mandatory fields */
+ if (!payload->cookie || !payload->version_len ||
+ !payload->ke_grp_len || !payload->pkcs_alg_len ||
+ !payload->enc_alg_len || !payload->hash_alg_len ||
+ !payload->hmac_alg_len) {
+ SILC_LOG_ERROR(("KE Start Payload is missing mandatory fields"));
+ status = SILC_SKE_STATUS_BAD_PAYLOAD;
+ goto err;
+ }
+
/* Return the payload */
*return_payload = payload;
goto err;
}
- if (ske->start_payload &&
- (payload->pk_type < SILC_SKE_PK_TYPE_SILC ||
- payload->pk_type > SILC_SKE_PK_TYPE_SPKI)) {
+ if (ske->start_payload &&
+ ((payload->pk_type < SILC_SKE_PK_TYPE_SILC ||
+ payload->pk_type > SILC_SKE_PK_TYPE_SPKI) || !payload->pk_len)) {
SILC_LOG_ERROR(("Malformed public key in KE payload"));
status = SILC_SKE_STATUS_BAD_PAYLOAD;
goto err;
tot_len += x_len + 2;
tot_len += payload->sign_len + 2;
- if (x_len < 3) {
- SILC_LOG_ERROR(("Too short signature in KE Payload"));
+ if (x_len < 16) {
+ SILC_LOG_ERROR(("Too short DH value in KE Payload"));
status = SILC_SKE_STATUS_BAD_PAYLOAD;
goto err;
}
projects / silc.git / commitdiff