feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #5427 from julek-wolfssl/dtls-timeout-and-closed-socket

Browse Source 
DTLS socket and timeout fixes
This commit is contained in:
Sean Parkinson
2022-08-05 08:13:14 +10:00
committed by GitHub
parent 7465691c70 6d4f0146ca
commit 56be09005f
6 changed files with 63 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/dtls13.c
View File

@ -2296,6 +2296,10 @@ int Dtls13RtxTimeout(WOLFSSL* ssl)
return 0; return 0;
} }
/* Increase timeout on long timeout */
if (DtlsMsgPoolTimeout(ssl) != 0)
return -1;
return Dtls13RtxSendBuffered(ssl); return Dtls13RtxSendBuffered(ssl);
} }

72
src/internal.c
View File

@ -7962,8 +7962,6 @@ void DtlsTxMsgListClean(WOLFSSL* ssl)
* verify */ * verify */
break; break;
ssl->dtls_tx_msg_list_sz--; ssl->dtls_tx_msg_list_sz--;
/* Reset timer as deleting a node means that state has progressed */
ssl->dtls_timeout = ssl->dtls_timeout_init;
head = next; head = next;
} }
ssl->dtls_tx_msg_list = head; ssl->dtls_tx_msg_list = head;
@ -8263,8 +8261,7 @@ int DtlsMsgPoolTimeout(WOLFSSL* ssl)
} }
/* DtlsMsgPoolReset() deletes the stored transmit list and resets the timeout /* DtlsMsgPoolReset() deletes the stored transmit list. */
* value. */
void DtlsMsgPoolReset(WOLFSSL* ssl) void DtlsMsgPoolReset(WOLFSSL* ssl)
{ {
WOLFSSL_ENTER("DtlsMsgPoolReset()"); WOLFSSL_ENTER("DtlsMsgPoolReset()");
@ -8274,7 +8271,6 @@ void DtlsMsgPoolReset(WOLFSSL* ssl)
ssl->dtls_tx_msg = NULL; ssl->dtls_tx_msg = NULL;
ssl->dtls_tx_msg_list_sz = 0; ssl->dtls_tx_msg_list_sz = 0;
} }
ssl->dtls_timeout = ssl->dtls_timeout_init;
} }
@ -16983,17 +16979,6 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
/* Reset state */ /* Reset state */
ssl->decrypt.state = CIPHER_STATE_BEGIN; ssl->decrypt.state = CIPHER_STATE_BEGIN;
/* handle mac error case */
if (ret == VERIFY_MAC_ERROR) {
if (!ssl->options.dtls) {
SendAlert(ssl, alert_fatal, bad_record_mac);
}
#ifdef WOLFSSL_DTLS_DROP_STATS
if (ssl->options.dtls)
ssl->macDropCount++;
#endif /* WOLFSSL_DTLS_DROP_STATS */
}
return ret; return ret;
} }
@ -18503,19 +18488,20 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
byte *aad = (byte*)&ssl->curRL; byte *aad = (byte*)&ssl->curRL;
word16 aad_size = RECORD_HEADER_SZ; word16 aad_size = RECORD_HEADER_SZ;
#ifdef WOLFSSL_DTLS13 #ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) { if (ssl->options.dtls) {
/* aad now points to the record header */ /* aad now points to the record header */
aad = ssl->dtls13CurRL; aad = ssl->dtls13CurRL;
aad_size = ssl->dtls13CurRlLength; aad_size = ssl->dtls13CurRlLength;
} }
#endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS13 */
/* Don't send an alert for DTLS. We will just drop it
* silently later. */
ret = DecryptTls13(ssl, ret = DecryptTls13(ssl,
in->buffer + in->idx, in->buffer + in->idx,
in->buffer + in->idx, in->buffer + in->idx,
ssl->curSize, ssl->curSize,
aad, aad_size, 1); aad, aad_size);
#else #else
ret = DECRYPT_ERROR; ret = DECRYPT_ERROR;
#endif /* WOLFSSL_TLS13 */ #endif /* WOLFSSL_TLS13 */
@ -18542,16 +18528,20 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
} }
else { else {
WOLFSSL_MSG("Decrypt failed"); WOLFSSL_MSG("Decrypt failed");
WOLFSSL_ERROR(ret); #ifdef WOLFSSL_DTLS
#ifdef WOLFSSL_DTLS13 /* If in DTLS mode, if the decrypt fails for any
if (ssl->options.tls1_3 && ssl->options.dtls) { * reason, pretend the datagram never happened. */
WOLFSSL_MSG("DTLS: Ignoring decrypted failed record"); if (ssl->options.dtls) {
WOLFSSL_MSG("DTLS: Ignoring failed decryption");
ssl->options.processReply = doProcessInit; ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.idx = ssl->buffers.inputBuffer.idx =
ssl->buffers.inputBuffer.length; ssl->buffers.inputBuffer.length;
#ifdef WOLFSSL_DTLS_DROP_STATS
ssl->macDropCount++;
#endif /* WOLFSSL_DTLS_DROP_STATS */
return 0; return 0;
} }
#endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS */
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
if (ssl->options.tls1_3) { if (ssl->options.tls1_3) {
if (ssl->options.side == WOLFSSL_SERVER_END && if (ssl->options.side == WOLFSSL_SERVER_END &&
@ -18567,29 +18557,24 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
ssl->options.processReply = doProcessInit; ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.idx += ssl->curSize; ssl->buffers.inputBuffer.idx += ssl->curSize;
if (ssl->buffers.inputBuffer.idx > if (ssl->buffers.inputBuffer.idx >
ssl->buffers.inputBuffer.length) ssl->buffers.inputBuffer.length) {
WOLFSSL_ERROR(BUFFER_E);
return BUFFER_E; return BUFFER_E;
}
return 0; return 0;
} }
WOLFSSL_MSG("Too much EarlyData!"); WOLFSSL_MSG("Too much EarlyData!");
SendAlert(ssl, alert_fatal, unexpected_message);
WOLFSSL_ERROR(TOO_MUCH_EARLY_DATA);
return TOO_MUCH_EARLY_DATA;
} }
SendAlert(ssl, alert_fatal, bad_record_mac);
} }
#endif #endif
#ifdef WOLFSSL_DTLS SendAlert(ssl, alert_fatal, bad_record_mac);
/* If in DTLS mode, if the decrypt fails for any /* Push error once we know that we will error out here */
* reason, pretend the datagram never happened. */ WOLFSSL_ERROR(ret);
if (ssl->options.dtls) { return ret;
ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.idx =
ssl->buffers.inputBuffer.length;
#ifdef WOLFSSL_DTLS_DROP_STATS
ssl->macDropCount++;
#endif /* WOLFSSL_DTLS_DROP_STATS */
}
#endif /* WOLFSSL_DTLS */
return DECRYPT_ERROR;
} }
} }
@ -18754,6 +18739,11 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
if (IsDtlsNotSctpMode(ssl) && !IsAtLeastTLSv1_3(ssl->version)) { if (IsDtlsNotSctpMode(ssl) && !IsAtLeastTLSv1_3(ssl->version)) {
_DtlsUpdateWindow(ssl); _DtlsUpdateWindow(ssl);
} }
if (ssl->options.dtls) {
/* Reset timeout as we have received a valid DTLS message */
ssl->dtls_timeout = ssl->dtls_timeout_init;
}
#endif /* WOLFSSL_DTLS */ #endif /* WOLFSSL_DTLS */
WOLFSSL_MSG("received record layer msg"); WOLFSSL_MSG("received record layer msg");

2
src/sniffer.c
View File

@ -4793,7 +4793,7 @@ static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz,
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) { if (IsAtLeastTLSv1_3(ssl->version)) {
ret = DecryptTls13(ssl, output, input, sz, (byte*)rh, RECORD_HEADER_SZ, 0); ret = DecryptTls13(ssl, output, input, sz, (byte*)rh, RECORD_HEADER_SZ);
} }
else else
#endif #endif

14
src/tls13.c
View File

@ -2278,11 +2278,10 @@ static int Tls13IntegrityOnly_Decrypt(WOLFSSL* ssl, byte* output,
* sz The length of the encrypted data plus authentication tag. * sz The length of the encrypted data plus authentication tag.
* aad The additional authentication data. * aad The additional authentication data.
* aadSz The size of the addition authentication data. * aadSz The size of the addition authentication data.
* doAlert Generate alert on error (set to 0 for sniffer use cases)
* returns 0 on success, otherwise failure. * returns 0 on success, otherwise failure.
*/ */
int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz, int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
const byte* aad, word16 aadSz, int doAlert) const byte* aad, word16 aadSz)
{ {
int ret = 0; int ret = 0;
word16 dataSz = sz - ssl->specs.aead_mac_size; word16 dataSz = sz - ssl->specs.aead_mac_size;
@ -2477,17 +2476,6 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
break; break;
} }
#ifndef WOLFSSL_EARLY_DATA
if (ret < 0) {
if (doAlert) {
SendAlert(ssl, alert_fatal, bad_record_mac);
}
ret = VERIFY_MAC_ERROR;
}
#else
(void)doAlert;
#endif
return ret; return ret;
} }

29
src/wolfio.c
View File

@ -372,6 +372,20 @@ static int sockAddrEqual(
return 0; return 0;
} }
static int isDGramSock(int sfd)
{
int type = 0;
XSOCKLENT length = sizeof(int); /* optvalue 'type' is of size int */
if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, &type, &length) == 0 &&
type != SOCK_DGRAM) {
return 0;
}
else {
return 1;
}
}
/* The receive embedded callback /* The receive embedded callback
* return : nb bytes read, or error * return : nb bytes read, or error
*/ */
@ -500,6 +514,16 @@ int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
} }
return recvd; return recvd;
} }
else if (recvd == 0) {
if (!isDGramSock(sd)) {
/* Closed TCP connection */
recvd = WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
else {
WOLFSSL_MSG("Ignoring 0-length datagram");
}
return recvd;
}
else if (dtlsCtx->connected) { else if (dtlsCtx->connected) {
/* Nothing to do */ /* Nothing to do */
} }
@ -535,13 +559,10 @@ int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
int sent; int sent;
const SOCKADDR_S* peer = NULL; const SOCKADDR_S* peer = NULL;
XSOCKLENT peerSz = 0; XSOCKLENT peerSz = 0;
int type;
XSOCKLENT length = sizeof(int); /* optvalue 'type' is of size int */
WOLFSSL_ENTER("EmbedSendTo()"); WOLFSSL_ENTER("EmbedSendTo()");
if (getsockopt(sd, SOL_SOCKET, SO_TYPE, &type, &length) == 0 && if (!isDGramSock(sd)) {
type != SOCK_DGRAM) {
/* Probably a TCP socket. peer and peerSz MUST be NULL and 0 */ /* Probably a TCP socket. peer and peerSz MUST be NULL and 0 */
} }
else if (!dtlsCtx->connected) { else if (!dtlsCtx->connected) {

3
wolfssl/internal.h
View File

@ -1867,8 +1867,7 @@ WOLFSSL_LOCAL int ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input,
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
word16 sz, const byte* aad, word16 aadSz, word16 sz, const byte* aad, word16 aadSz);
int doAlert);
WOLFSSL_LOCAL int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, WOLFSSL_LOCAL int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input,
word32* inOutIdx, byte type, word32* inOutIdx, byte type,
word32 size, word32 totalSz); word32 size, word32 totalSz);