Remove the minimum record length checks from dtls1_read_bytes()

The code that handles each record type already has appropriate length checks. Furthermore, the handling of application data here is likely incorrect and bypasses the normal state checks at the end of this function. ok inoguchi@ tb@
author: jsing <> 2022-03-26 15:00:51 +0000
committer: jsing <> 2022-03-26 15:00:51 +0000
commit: 527e43312b5c8483664095a6593080962d0b2424 (patch)
tree: 9c30e55f631b15b508650179777da53cea635d7d
parent: 33c81c3e0f1ee210c394320c35bce015fbf8e11e (diff)
download: openbsd-527e43312b5c8483664095a6593080962d0b2424.tar.gz
openbsd-527e43312b5c8483664095a6593080962d0b2424.tar.bz2
openbsd-527e43312b5c8483664095a6593080962d0b2424.zip
1 files changed, 1 insertions, 32 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 9072315e72..f17608608e 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.121 2022/03/18 18:00:54 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.122 2022/03/26 15:00:51 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -826,37 +826,6 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
         * message, then it was unexpected (Hello Request or Client Hello).
         */
-        {
-                unsigned int record_min_len = 0;
-                if (rr->type == SSL3_RT_HANDSHAKE) {
-                        record_min_len = DTLS1_HM_HEADER_LENGTH;
-                } else if (rr->type == SSL3_RT_ALERT) {
-                        record_min_len = DTLS1_AL_HEADER_LENGTH;
-                } else if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-                        record_min_len = DTLS1_CCS_HEADER_LENGTH;
-                } else if (rr->type == SSL3_RT_APPLICATION_DATA) {
-                        /*
-                         * Application data while renegotiating is allowed.
-                         * Try reading again.
-                         */
-                        s->s3->in_read_app_data = 2;
-                        ssl_force_want_read(s);
-                        return -1;
-                } else {
-                        /* Not certain if this is the right error handling */
-                        al = SSL_AD_UNEXPECTED_MESSAGE;
-                        SSLerror(s, SSL_R_UNEXPECTED_RECORD);
-                        goto fatal_err;
-                }
-                if (record_min_len > 0 && rr->length < record_min_len) {
-                        s->internal->rstate = SSL_ST_READ_HEADER;
-                        rr->length = 0;
-                        goto start;
-                }
-        }
        if (rr->type == SSL3_RT_ALERT) {
                if ((ret = ssl3_read_alert(s)) <= 0)
                        return ret;
author	jsing <>	2022-03-26 15:00:51 +0000
committer	jsing <>	2022-03-26 15:00:51 +0000
commit	527e43312b5c8483664095a6593080962d0b2424 (patch)
tree	9c30e55f631b15b508650179777da53cea635d7d
parent	33c81c3e0f1ee210c394320c35bce015fbf8e11e (diff)
download	openbsd-527e43312b5c8483664095a6593080962d0b2424.tar.gz openbsd-527e43312b5c8483664095a6593080962d0b2424.tar.bz2 openbsd-527e43312b5c8483664095a6593080962d0b2424.zip

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 9072315e72..f17608608e 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_pkt.c,v 1.121 2022/03/18 18:00:54 jsing Exp $ */	1	/* $OpenBSD: d1_pkt.c,v 1.122 2022/03/26 15:00:51 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -826,37 +826,6 @@ dtls1_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
826	* message, then it was unexpected (Hello Request or Client Hello).	826	* message, then it was unexpected (Hello Request or Client Hello).
827	*/	827	*/
828		828
829	{
830	unsigned int record_min_len = 0;
831
832	if (rr->type == SSL3_RT_HANDSHAKE) {
833	record_min_len = DTLS1_HM_HEADER_LENGTH;
834	} else if (rr->type == SSL3_RT_ALERT) {
835	record_min_len = DTLS1_AL_HEADER_LENGTH;
836	} else if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
837	record_min_len = DTLS1_CCS_HEADER_LENGTH;
838	} else if (rr->type == SSL3_RT_APPLICATION_DATA) {
839	/*
840	* Application data while renegotiating is allowed.
841	* Try reading again.
842	*/
843	s->s3->in_read_app_data = 2;
844	ssl_force_want_read(s);
845	return -1;
846	} else {
847	/* Not certain if this is the right error handling */
848	al = SSL_AD_UNEXPECTED_MESSAGE;
849	SSLerror(s, SSL_R_UNEXPECTED_RECORD);
850	goto fatal_err;
851	}
852
853	if (record_min_len > 0 && rr->length < record_min_len) {
854	s->internal->rstate = SSL_ST_READ_HEADER;
855	rr->length = 0;
856	goto start;
857	}
858	}
859
860	if (rr->type == SSL3_RT_ALERT) {	829	if (rr->type == SSL3_RT_ALERT) {
861	if ((ret = ssl3_read_alert(s)) <= 0)	830	if ((ret = ssl3_read_alert(s)) <= 0)
862	return ret;	831	return ret;