feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Update dtls_expected_peer_handshake_number when downgrading

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2023-08-18 17:24:21 +02:00
parent 9ca1738b7a
commit a99954c0b0
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/dtls13.c
View File

@ -352,6 +352,7 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
WOLFSSL_ENTER("Dtls13ProcessBufferedMessages"); WOLFSSL_ENTER("Dtls13ProcessBufferedMessages");
while (msg != NULL) { while (msg != NULL) {
int downgraded = 0;
idx = 0; idx = 0;
/* message not in order */ /* message not in order */
@ -367,6 +368,8 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
if (IsAtLeastTLSv1_3(ssl->version)) { if (IsAtLeastTLSv1_3(ssl->version)) {
ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type, ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
msg->sz, msg->sz); msg->sz, msg->sz);
if (!IsAtLeastTLSv1_3(ssl->version))
downgraded = 1;
} }
else { else {
ret = DoHandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type, ret = DoHandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
@ -381,6 +384,11 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
ssl->options.handShakeDone && ret == WC_PENDING_E)) { ssl->options.handShakeDone && ret == WC_PENDING_E)) {
if (IsAtLeastTLSv1_3(ssl->version)) if (IsAtLeastTLSv1_3(ssl->version))
Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type); Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
else if (downgraded)
/* DoHandShakeMsgType normally handles the hs number but if
* DoTls13HandShakeMsgType processed 1.2 msgs then this wasn't
* incremented. */
ssl->keys.dtls_expected_peer_handshake_number++;
ssl->dtls_rx_msg_list = msg->next; ssl->dtls_rx_msg_list = msg->next;
DtlsMsgDelete(msg, ssl->heap); DtlsMsgDelete(msg, ssl->heap);