Ensure unexpected messages are handled consistently

In one case we weren't always sending an unexpected message alert when we
didn't get the message we expected.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell 2016-11-15 10:30:34 +00:00
parent 7776a36cfa
commit 5abeaf3596
2 changed files with 11 additions and 7 deletions


@ -179,9 +179,6 @@ static int ossl_statem_client13_read_transition(SSL *s, int mt)
}
/* No valid transition found */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION,
SSL_R_UNEXPECTED_MESSAGE);
return 0;
}
@ -203,8 +200,11 @@ int ossl_statem_client_read_transition(SSL *s, int mt)
* Note that after a ClientHello we don't know what version we are going
* to negotiate yet, so we don't take this branch until later
*/
if (s->method->version == TLS1_3_VERSION)
return ossl_statem_client13_read_transition(s, mt);
if (s->method->version == TLS1_3_VERSION) {
if (!ossl_statem_client13_read_transition(s, mt))
goto err;
return 1;
}
switch (st->hand_state) {
default:
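Review bot: The failure contract of `ossl_statem_client13_read_transition` is now implicit and should be written down where the helper returns. With the alert and `SSLerr` lines apparently dropped from its tail (the rendered page has lost the +/- markers, but the hunk shrinks by three lines), it just returns 0 and depends on the caller's `goto err` to send the fatal alert; a later early return that sends its own alert would then produce two. I would reword the tail comment to `/* No valid transition found: return 0 and let the caller send the alert */` and add the same remark at the `goto err` in `ossl_statem_server_read_transition`. The client's `err:` label lies outside the visible hunks, so it is assumed to mirror the server one. `SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION` may also be left unreferenced and is worth pruning if nothing else uses it.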


@ -150,8 +150,11 @@ int ossl_statem_server_read_transition(SSL *s, int mt)
{
OSSL_STATEM *st = &s->statem;
if (s->method->version == TLS1_3_VERSION)
return ossl_statem_server13_read_transition(s, mt);
if (s->method->version == TLS1_3_VERSION) {
if (!ossl_statem_server13_read_transition(s, mt))
goto err;
return 1;
}
switch (st->hand_state) {
default:
@ -284,6 +287,7 @@ int ossl_statem_server_read_transition(SSL *s, int mt)
break;
}
err:
/* No valid transition found */
ssl3_send_alert(s, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION, SSL_R_UNEXPECTED_MESSAGE);
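Review bot: The `err:` block is now entered two ways, by falling out of the `switch` and by the new `goto err` on the TLS 1.3 path, but its comment and error record do not say so. Every rejection is queued as `SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION`, so someone triaging handshake failures from the error queue cannot tell a TLS 1.3 rejection from an earlier-version one. A comment such as `/* No valid transition found (switch fall-through or TLS 1.3 helper returned 0) */` would at least document that. The function body between the two hunks is not shown, so other jumps to `err:` cannot be ruled out.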