From: Matt Caswell Date: Thu, 3 May 2018 11:07:47 +0000 (+0100) Subject: Don't fail on an out-of-order CCS in DTLS X-Git-Tag: OpenSSL_1_1_0i~124 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4771f23e28eb5d11460d72dc35c6ac2fd30f9093;p=oweals%2Fopenssl.git Don't fail on an out-of-order CCS in DTLS Fixes #4929 Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/6196) --- diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index b91ec0a360..69bb40f00e 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -556,10 +556,8 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) * Validate that we are allowed to move to the new state and move * to that state if so */ - if (!transition(s, mt)) { - ossl_statem_set_error(s); + if (!transition(s, mt)) return SUB_STATE_ERROR; - } if (s->s3->tmp.message_size > max_message_size(s)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER); diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 6fa3f1db67..7ffc63458f 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -265,6 +265,21 @@ int ossl_statem_client_read_transition(SSL *s, int mt) err: /* No valid transition found */ + if (SSL_IS_DTLS(s) && mt == SSL3_MT_CHANGE_CIPHER_SPEC) { + BIO *rbio; + + /* + * CCS messages don't have a message sequence number so this is probably + * because of an out-of-order CCS. We'll just drop it. + */ + s->init_num = 0; + s->rwstate = SSL_READING; + rbio = SSL_get_rbio(s); + BIO_clear_retry_flags(rbio); + BIO_set_retry_read(rbio); + return 0; + } + ossl_statem_set_error(s); ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE); SSLerr(SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION, SSL_R_UNEXPECTED_MESSAGE); return 0; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index f216db76c6..5591e1e584 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -213,6 +213,21 @@ int ossl_statem_server_read_transition(SSL *s, int mt) } /* No valid transition found */ + if (SSL_IS_DTLS(s) && mt == SSL3_MT_CHANGE_CIPHER_SPEC) { + BIO *rbio; + + /* + * CCS messages don't have a message sequence number so this is probably + * because of an out-of-order CCS. We'll just drop it. + */ + s->init_num = 0; + s->rwstate = SSL_READING; + rbio = SSL_get_rbio(s); + BIO_clear_retry_flags(rbio); + BIO_set_retry_read(rbio); + return 0; + } + ossl_statem_set_error(s); ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE); SSLerr(SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION, SSL_R_UNEXPECTED_MESSAGE); return 0;