diff options
| author | jsing <> | 2022-02-21 18:22:20 +0000 |
|---|---|---|
| committer | jsing <> | 2022-02-21 18:22:20 +0000 |
| commit | a59b14b2d3f8047fe5b687d37304433773603a3f (patch) | |
| tree | b58aa2f628b6d8b36920b544c96c0647c2281969 /src/lib/libssl/d1_pkt.c | |
| parent | 194ce8d94cd74f12663cf8ca258294804ca1aabf (diff) | |
| download | openbsd-a59b14b2d3f8047fe5b687d37304433773603a3f.tar.gz openbsd-a59b14b2d3f8047fe5b687d37304433773603a3f.tar.bz2 openbsd-a59b14b2d3f8047fe5b687d37304433773603a3f.zip | |
Factor out alert handing code in the legacy stack.libressl-v3.5.0
Pull out the code that processes incoming alerts - a chunk of the
complexity is due to the fact that in TLSv1.2 and earlier, alerts can be
fragmented across multiple records or multiple alerts can be delivered
in a single record.
In DTLS there is no way that we can reassemble fragmented alerts (although
the RFC is silent on this), however we could have multiple alerts in the
same record. This change means that we will handle this situation more
appropriately and if we encounter a fragmented alert we will now treat this
as a decode error (instead of silently ignoring it).
ok beck@ tb@
Diffstat (limited to 'src/lib/libssl/d1_pkt.c')
| -rw-r--r-- | src/lib/libssl/d1_pkt.c | 37 |
1 files changed, 4 insertions, 33 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index e884f2d592..e07fc7e3f9 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_pkt.c,v 1.117 2022/02/05 14:54:10 jsing Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.118 2022/02/21 18:22:20 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -735,38 +735,9 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |||
| 735 | goto start; | 735 | goto start; |
| 736 | } | 736 | } |
| 737 | 737 | ||
| 738 | if (rr->type == SSL3_RT_ALERT && rr->length >= DTLS1_AL_HEADER_LENGTH && | 738 | if (rr->type == SSL3_RT_ALERT) { |
| 739 | rr->off == 0) { | 739 | if ((ret = ssl3_read_alert(s)) <= 0) |
| 740 | int alert_level = rr->data[0]; | 740 | return ret; |
| 741 | int alert_descr = rr->data[1]; | ||
| 742 | |||
| 743 | ssl_msg_callback(s, 0, SSL3_RT_ALERT, rr->data, 2); | ||
| 744 | |||
| 745 | ssl_info_callback(s, SSL_CB_READ_ALERT, | ||
| 746 | (alert_level << 8) | alert_descr); | ||
| 747 | |||
| 748 | if (alert_level == SSL3_AL_WARNING) { | ||
| 749 | s->s3->warn_alert = alert_descr; | ||
| 750 | if (alert_descr == SSL_AD_CLOSE_NOTIFY) { | ||
| 751 | s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN; | ||
| 752 | return (0); | ||
| 753 | } | ||
| 754 | } else if (alert_level == SSL3_AL_FATAL) { | ||
| 755 | s->internal->rwstate = SSL_NOTHING; | ||
| 756 | s->s3->fatal_alert = alert_descr; | ||
| 757 | SSLerror(s, SSL_AD_REASON_OFFSET + alert_descr); | ||
| 758 | ERR_asprintf_error_data("SSL alert number %d", | ||
| 759 | alert_descr); | ||
| 760 | s->internal->shutdown|=SSL_RECEIVED_SHUTDOWN; | ||
| 761 | SSL_CTX_remove_session(s->ctx, s->session); | ||
| 762 | return (0); | ||
| 763 | } else { | ||
| 764 | al = SSL_AD_ILLEGAL_PARAMETER; | ||
| 765 | SSLerror(s, SSL_R_UNKNOWN_ALERT_TYPE); | ||
| 766 | goto fatal_err; | ||
| 767 | } | ||
| 768 | |||
| 769 | rr->length = 0; | ||
| 770 | goto start; | 741 | goto start; |
| 771 | } | 742 | } |
| 772 | 743 | ||