File tree Expand file tree Collapse file tree 1 file changed +12
-0
lines changed Expand file tree Collapse file tree 1 file changed +12
-0
lines changed Original file line number Diff line number Diff line change @@ -538,6 +538,18 @@ func (c *UConn) clientHandshake(ctx context.Context) (err error) {
538538 return err
539539 }
540540
541+ // If we are negotiating a protocol version that's lower than what we
542+ // support, check for the server downgrade canaries.
543+ // See RFC 8446, Section 4.1.3.
544+ maxVers := c .config .maxSupportedVersion (roleClient )
545+ tls12Downgrade := string (serverHello .random [24 :]) == downgradeCanaryTLS12
546+ tls11Downgrade := string (serverHello .random [24 :]) == downgradeCanaryTLS11
547+ if maxVers == VersionTLS13 && c .vers <= VersionTLS12 && (tls12Downgrade || tls11Downgrade ) ||
548+ maxVers == VersionTLS12 && c .vers <= VersionTLS11 && tls11Downgrade {
549+ c .sendAlert (alertIllegalParameter )
550+ return errors .New ("tls: downgrade attempt detected, possibly due to a MitM attack or a broken middlebox" )
551+ }
552+
541553 // uTLS: do not create new handshakeState, use existing one
542554 if c .vers == VersionTLS13 {
543555 hs13 := c .HandshakeState .toPrivate13 ()
You can’t perform that action at this time.
0 commit comments