feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Check that HVR and HRR don't appear in the same connection

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2023-08-18 15:14:51 +02:00
parent 9427bea275
commit 3cc473b1ec
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/internal.c
View File

@ -15682,6 +15682,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E); WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
} }
if (ssl->msgsReceived.got_hello_retry_request) {
WOLFSSL_MSG("Received HelloVerifyRequest after a "
"HelloRetryRequest");
WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
return VERSION_ERROR;
}
ssl->msgsReceived.got_hello_verify_request = 1; ssl->msgsReceived.got_hello_verify_request = 1;
break; break;

7
src/tls13.c
View File

@ -5024,6 +5024,13 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
WOLFSSL_MSG("HelloRetryRequest format"); WOLFSSL_MSG("HelloRetryRequest format");
*extMsgType = hello_retry_request; *extMsgType = hello_retry_request;
if (ssl->msgsReceived.got_hello_verify_request) {
WOLFSSL_MSG("Received HelloRetryRequest after a "
"HelloVerifyRequest");
WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
return VERSION_ERROR;
}
/* A HelloRetryRequest comes in as an ServerHello for MiddleBox compat. /* A HelloRetryRequest comes in as an ServerHello for MiddleBox compat.
* Found message to be a HelloRetryRequest. * Found message to be a HelloRetryRequest.
* Don't allow more than one HelloRetryRequest or ServerHello. * Don't allow more than one HelloRetryRequest or ServerHello.