QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-04-29 11:14:36 +00:00
Code Issues Projects Releases Wiki Activity

Fix early_data with an HRR

Browse Source 
early_data is not allowed after an HRR. We failed to handle that
correctly.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/3933)
This commit is contained in:
Matt Caswell 2017-07-14 14:50:48 +01:00
parent 1e3f62a382
commit d4504fe579
4 changed files with 23 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/statem/extensions_srvr.c
View File

@ -678,6 +678,11 @@ int tls_parse_ctos_early_data(SSL *s, PACKET *pkt, unsigned int context,
return 0; return 0;
} }
if (s->hello_retry_request) {
*al = SSL_AD_ILLEGAL_PARAMETER;
return 0;
}
return 1; return 1;
} }

9
ssl/statem/statem.c
View File

@ -157,13 +157,8 @@ int ossl_statem_skip_early_data(SSL *s)
if (s->ext.early_data != SSL_EARLY_DATA_REJECTED) if (s->ext.early_data != SSL_EARLY_DATA_REJECTED)
return 0; return 0;
if (s->hello_retry_request) { if (!s->server || s->statem.hand_state != TLS_ST_EARLY_DATA)
if (s->statem.hand_state != TLS_ST_SW_HELLO_RETRY_REQUEST) return 0;
return 0;
} else {
if (!s->server || s->statem.hand_state != TLS_ST_EARLY_DATA)
return 0;
}
return 1; return 1;
} }

7
ssl/statem/statem_clnt.c
View File

@ -1571,6 +1571,13 @@ static MSG_PROCESS_RETURN tls_process_hello_retry_request(SSL *s, PACKET *pkt)
s->hello_retry_request = 1; s->hello_retry_request = 1;
/*
* If we were sending early_data then the enc_write_ctx is now invalid and
* should not be used.
*/
EVP_CIPHER_CTX_free(s->enc_write_ctx);
s->enc_write_ctx = NULL;
/* This will fail if it doesn't choose TLSv1.3+ */ /* This will fail if it doesn't choose TLSv1.3+ */
errorcode = ssl_choose_client_version(s, sversion, 0, &al); errorcode = ssl_choose_client_version(s, sversion, 0, &al);
if (errorcode != 0) { if (errorcode != 0) {

18
ssl/statem/statem_srvr.c
View File

@ -48,15 +48,14 @@ static int ossl_statem_server13_read_transition(SSL *s, int mt)
default: default:
break; break;
case TLS_ST_SW_HELLO_RETRY_REQUEST:
if (mt == SSL3_MT_CLIENT_HELLO) {
st->hand_state = TLS_ST_SR_CLNT_HELLO;
return 1;
}
break;
case TLS_ST_EARLY_DATA: case TLS_ST_EARLY_DATA:
if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { if (s->hello_retry_request) {
if (mt == SSL3_MT_CLIENT_HELLO) {
st->hand_state = TLS_ST_SR_CLNT_HELLO;
return 1;
}
break;
} else if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) {
if (mt == SSL3_MT_END_OF_EARLY_DATA) { if (mt == SSL3_MT_END_OF_EARLY_DATA) {
st->hand_state = TLS_ST_SR_END_OF_EARLY_DATA; st->hand_state = TLS_ST_SR_END_OF_EARLY_DATA;
return 1; return 1;
@ -397,7 +396,8 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
return WRITE_TRAN_CONTINUE; return WRITE_TRAN_CONTINUE;
case TLS_ST_SW_HELLO_RETRY_REQUEST: case TLS_ST_SW_HELLO_RETRY_REQUEST:
return WRITE_TRAN_FINISHED; st->hand_state = TLS_ST_EARLY_DATA;
return WRITE_TRAN_CONTINUE;
case TLS_ST_SW_SRVR_HELLO: case TLS_ST_SW_SRVR_HELLO:
st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS; st->hand_state = TLS_ST_SW_ENCRYPTED_EXTENSIONS;