mirror of
https://github.com/openssl/openssl.git
synced 2025-04-12 20:30:52 +08:00
f42e68dc47
In TLS we process received messages like this: 1) Read Message Header 2) Validate and transition state based on received message type 3) Read Message Body 4) Process Message In DTLS we read messages like this: 1) Read Message Header and Body 2) Validate and transition state based on received message type 3) Process Message The difference is because of the stream vs datagram semantics of the underlying transport. In both TLS and DTLS we were doing finished MAC processing as part of reading the message body. This means that in DTLS this was occurring *before* the state transition has been validated. A crash was occurring in DTLS if a Finished message was sent in an invalid state due to assumptions in the code that certain variables would have been setup by the time a Finished message arrives. To avoid this problem we shift the finished MAC processing to be after the state transition in DTLS. Thanks to github user @bathooman for reporting this issue. Fixes #14906 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14930)