diff options
| author | jsing <> | 2021-01-13 18:32:00 +0000 |
|---|---|---|
| committer | jsing <> | 2021-01-13 18:32:00 +0000 |
| commit | 0aa7afb6698c8f133e37044a23318c0af4d8be94 (patch) | |
| tree | d0364bebf74363e0fd200341fed4feb160a74994 /src | |
| parent | 9a0dba9f6be22dea02c323e4d3a7d4a5dde36ea4 (diff) | |
| download | openbsd-0aa7afb6698c8f133e37044a23318c0af4d8be94.tar.gz openbsd-0aa7afb6698c8f133e37044a23318c0af4d8be94.tar.bz2 openbsd-0aa7afb6698c8f133e37044a23318c0af4d8be94.zip | |
Clean up read sequence handling in DTLS.
Pass the explicit DTLS read sequence number to dtls1_record_bitmap_update()
and dtls1_record_replay_check(), rather than expecting it to be in
S3I(s)->read_sequence. Also, store the read sequence number into
S3I(s)->rrec.seq_num when we're processing the record header, rather than
having dtls1_record_replay_check() be responsible for copying it.
ok inoguchi@ tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/d1_pkt.c | 40 |
1 files changed, 21 insertions, 19 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 4c450d2cb9..18d0ec5a3f 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_pkt.c,v 1.86 2021/01/13 18:20:54 jsing Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.87 2021/01/13 18:32:00 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -184,8 +184,10 @@ satsub64be(const unsigned char *v1, const unsigned char *v2) | |||
| 184 | 184 | ||
| 185 | static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, | 185 | static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, |
| 186 | int len, int peek); | 186 | int len, int peek); |
| 187 | static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap); | 187 | static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, |
| 188 | static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap); | 188 | const unsigned char *seq); |
| 189 | static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap, | ||
| 190 | const unsigned char *seq); | ||
| 189 | static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD_INTERNAL *rr, | 191 | static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD_INTERNAL *rr, |
| 190 | unsigned int *is_next_epoch); | 192 | unsigned int *is_next_epoch); |
| 191 | static int dtls1_buffer_record(SSL *s, record_pqueue *q, | 193 | static int dtls1_buffer_record(SSL *s, record_pqueue *q, |
| @@ -414,10 +416,15 @@ again: | |||
| 414 | !CBS_get_bytes(&header, &seq_no, 6)) | 416 | !CBS_get_bytes(&header, &seq_no, 6)) |
| 415 | goto again; | 417 | goto again; |
| 416 | 418 | ||
| 419 | if (!CBS_get_u16(&header, &len)) | ||
| 420 | goto again; | ||
| 421 | |||
| 417 | if (!CBS_write_bytes(&seq_no, &(S3I(s)->read_sequence[2]), | 422 | if (!CBS_write_bytes(&seq_no, &(S3I(s)->read_sequence[2]), |
| 418 | sizeof(S3I(s)->read_sequence) - 2, NULL)) | 423 | sizeof(S3I(s)->read_sequence) - 2, NULL)) |
| 419 | goto again; | 424 | goto again; |
| 420 | if (!CBS_get_u16(&header, &len)) | 425 | |
| 426 | if (!CBS_write_bytes(&seq_no, &rr->seq_num[2], | ||
| 427 | sizeof(rr->seq_num) - 2, NULL)) | ||
| 421 | goto again; | 428 | goto again; |
| 422 | 429 | ||
| 423 | rr->type = type; | 430 | rr->type = type; |
| @@ -466,7 +473,7 @@ again: | |||
| 466 | */ | 473 | */ |
| 467 | if (!(D1I(s)->listen && rr->type == SSL3_RT_HANDSHAKE && | 474 | if (!(D1I(s)->listen && rr->type == SSL3_RT_HANDSHAKE && |
| 468 | p != NULL && *p == SSL3_MT_CLIENT_HELLO) && | 475 | p != NULL && *p == SSL3_MT_CLIENT_HELLO) && |
| 469 | !dtls1_record_replay_check(s, bitmap)) | 476 | !dtls1_record_replay_check(s, bitmap, rr->seq_num)) |
| 470 | goto again; | 477 | goto again; |
| 471 | 478 | ||
| 472 | /* just read a 0 length packet */ | 479 | /* just read a 0 length packet */ |
| @@ -484,7 +491,7 @@ again: | |||
| 484 | rr->seq_num) < 0) | 491 | rr->seq_num) < 0) |
| 485 | return (-1); | 492 | return (-1); |
| 486 | /* Mark receipt of record. */ | 493 | /* Mark receipt of record. */ |
| 487 | dtls1_record_bitmap_update(s, bitmap); | 494 | dtls1_record_bitmap_update(s, bitmap, rr->seq_num); |
| 488 | } | 495 | } |
| 489 | goto again; | 496 | goto again; |
| 490 | } | 497 | } |
| @@ -493,7 +500,7 @@ again: | |||
| 493 | goto again; | 500 | goto again; |
| 494 | 501 | ||
| 495 | /* Mark receipt of record. */ | 502 | /* Mark receipt of record. */ |
| 496 | dtls1_record_bitmap_update(s, bitmap); | 503 | dtls1_record_bitmap_update(s, bitmap, rr->seq_num); |
| 497 | 504 | ||
| 498 | return (1); | 505 | return (1); |
| 499 | } | 506 | } |
| @@ -1128,34 +1135,30 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 1128 | } | 1135 | } |
| 1129 | 1136 | ||
| 1130 | static int | 1137 | static int |
| 1131 | dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap) | 1138 | dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, |
| 1139 | const unsigned char *seq) | ||
| 1132 | { | 1140 | { |
| 1133 | int cmp; | ||
| 1134 | unsigned int shift; | 1141 | unsigned int shift; |
| 1135 | const unsigned char *seq = S3I(s)->read_sequence; | 1142 | int cmp; |
| 1136 | 1143 | ||
| 1137 | cmp = satsub64be(seq, bitmap->max_seq_num); | 1144 | cmp = satsub64be(seq, bitmap->max_seq_num); |
| 1138 | if (cmp > 0) { | 1145 | if (cmp > 0) |
| 1139 | memcpy (S3I(s)->rrec.seq_num, seq, 8); | ||
| 1140 | return 1; /* this record in new */ | 1146 | return 1; /* this record in new */ |
| 1141 | } | ||
| 1142 | shift = -cmp; | 1147 | shift = -cmp; |
| 1143 | if (shift >= sizeof(bitmap->map)*8) | 1148 | if (shift >= sizeof(bitmap->map)*8) |
| 1144 | return 0; /* stale, outside the window */ | 1149 | return 0; /* stale, outside the window */ |
| 1145 | else if (bitmap->map & (1UL << shift)) | 1150 | else if (bitmap->map & (1UL << shift)) |
| 1146 | return 0; /* record previously received */ | 1151 | return 0; /* record previously received */ |
| 1147 | 1152 | ||
| 1148 | memcpy(S3I(s)->rrec.seq_num, seq, 8); | ||
| 1149 | return 1; | 1153 | return 1; |
| 1150 | } | 1154 | } |
| 1151 | 1155 | ||
| 1152 | |||
| 1153 | static void | 1156 | static void |
| 1154 | dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap) | 1157 | dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap, |
| 1158 | const unsigned char *seq) | ||
| 1155 | { | 1159 | { |
| 1156 | int cmp; | ||
| 1157 | unsigned int shift; | 1160 | unsigned int shift; |
| 1158 | const unsigned char *seq = S3I(s)->read_sequence; | 1161 | int cmp; |
| 1159 | 1162 | ||
| 1160 | cmp = satsub64be(seq, bitmap->max_seq_num); | 1163 | cmp = satsub64be(seq, bitmap->max_seq_num); |
| 1161 | if (cmp > 0) { | 1164 | if (cmp > 0) { |
| @@ -1172,7 +1175,6 @@ dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap) | |||
| 1172 | } | 1175 | } |
| 1173 | } | 1176 | } |
| 1174 | 1177 | ||
| 1175 | |||
| 1176 | int | 1178 | int |
| 1177 | dtls1_dispatch_alert(SSL *s) | 1179 | dtls1_dispatch_alert(SSL *s) |
| 1178 | { | 1180 | { |