forked from wolfSSL/wolfssl
fix issue with missing client key exchange and duplicate change cipher spec messages.
This commit is contained in:
John Safranek
@@ -6211,7 +6211,10 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
|
||||
WOLFSSL_MSG("Duplicate ChangeCipher received");
|
||||
return DUPLICATE_MSG_E;
|
||||
}
|
||||
ssl->msgsReceived.got_change_cipher = 1;
|
||||
/* DTLS is going to ignore the CCS message if the client key
|
||||
* exchange message wasn't received yet. */
|
||||
if (!ssl->options.dtls)
|
||||
ssl->msgsReceived.got_change_cipher = 1;
|
||||
|
||||
#ifndef NO_WOLFSSL_CLIENT
|
||||
if (ssl->options.side == WOLFSSL_CLIENT_END) {
|
||||
@@ -6231,7 +6234,8 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ssl->options.dtls)
|
||||
ssl->msgsReceived.got_change_cipher = 1;
|
||||
break;
|
||||
|
||||
default:
|
||||
@@ -8028,8 +8032,12 @@ int ProcessReply(WOLFSSL* ssl)
|
||||
if (ssl->options.dtls && ret == SEQUENCE_ERROR) {
|
||||
WOLFSSL_MSG("Silently dropping out of order DTLS message");
|
||||
ssl->options.processReply = doProcessInit;
|
||||
ssl->buffers.inputBuffer.length = 0;
|
||||
ssl->buffers.inputBuffer.idx = 0;
|
||||
ssl->buffers.inputBuffer.idx += ssl->curSize;
|
||||
|
||||
ret = DtlsPoolSend(ssl);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
@@ -8161,31 +8169,33 @@ int ProcessReply(WOLFSSL* ssl)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
/* Check for duplicate CCS message in DTLS mode.
|
||||
* DTLS allows for duplicate messages, and it should be
|
||||
* skipped. */
|
||||
if (ssl->options.dtls &&
|
||||
ssl->msgsReceived.got_change_cipher) {
|
||||
|
||||
WOLFSSL_MSG("Duplicate ChangeCipher msg");
|
||||
ret = DtlsPoolSend(ssl);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (ssl->curSize != 1) {
|
||||
WOLFSSL_MSG("Malicious or corrupted"
|
||||
" duplicate ChangeCipher msg");
|
||||
return LENGTH_ERROR;
|
||||
}
|
||||
ssl->buffers.inputBuffer.idx++;
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
if (ret != 0) {
|
||||
if (!ssl->options.dtls) {
|
||||
return ret;
|
||||
}
|
||||
#ifdef WOLFSSL_DTLS
|
||||
else {
|
||||
/* Check for duplicate CCS message in DTLS mode.
|
||||
* DTLS allows for duplicate messages, and it should be
|
||||
* skipped. Also skip if out of order. */
|
||||
if (ret != DUPLICATE_MSG_E && ret != OUT_OF_ORDER_E)
|
||||
return ret;
|
||||
|
||||
ret = DtlsPoolSend(ssl);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (ssl->curSize != 1) {
|
||||
WOLFSSL_MSG("Malicious or corrupted"
|
||||
" duplicate ChangeCipher msg");
|
||||
return LENGTH_ERROR;
|
||||
}
|
||||
ssl->buffers.inputBuffer.idx++;
|
||||
break;
|
||||
}
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
}
|
||||
|
||||
#ifdef HAVE_SESSION_TICKET
|
||||
if (ssl->options.side == WOLFSSL_CLIENT_END &&
|
||||
|
||||
Reference in New Issue
Block a user