From b05e94746a653cd4b83bc444092de90f90e0ea88 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 20 Jan 2019 02:57:16 +0000
Subject: Add some internal consistency checks to the handshake state handling.

Fix the tls13_handshake_advance_state_machine() return value, which
inadvertently got flipped in an earlier commit. Also move this function
to a more suitable location.

ok tb@
---
 src/lib/libssl/tls13_handshake.c | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 7798093def..9110c601c6 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tls13_handshake.c,v 1.11 2019/01/20 02:08:05 tb Exp $	*/
+/*	$OpenBSD: tls13_handshake.c,v 1.12 2019/01/20 02:57:16 jsing Exp $	*/
 /*
  * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -30,7 +30,7 @@
 /* Indexing into the state machine */
 struct tls13_handshake {
 	uint8_t			hs_type;
-	int			message_number;
+	uint8_t			message_number;
 };
 
 struct tls13_ctx {
@@ -259,10 +259,18 @@ static enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES] = {
 	},
 };
 
+#define NUM_HANDSHAKES (sizeof(handshakes) / sizeof(handshakes[0]))
+
 enum tls13_message_type
 tls13_handshake_active_state(struct tls13_ctx *ctx)
 {
 	struct tls13_handshake hs = ctx->handshake;
+
+	if (hs.hs_type >= NUM_HANDSHAKES)
+		return INVALID;
+	if (hs.message_number >= TLS13_NUM_MESSAGE_TYPES)
+		return INVALID;
+
 	return handshakes[hs.hs_type][hs.message_number];
 }
 
@@ -270,9 +278,22 @@ struct tls13_handshake_action *
 tls13_handshake_active_action(struct tls13_ctx *ctx)
 {
 	enum tls13_message_type mt = tls13_handshake_active_state(ctx);
+
+	if (mt == INVALID)
+		return NULL;
+
 	return &state_machine[mt];
 }
 
+int
+tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
+{
+	if (++ctx->handshake.message_number >= TLS13_NUM_MESSAGE_TYPES)
+		return 0;
+
+	return 1;
+}
+
 int
 tls13_connect(struct tls13_ctx *ctx)
 {
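Review bot: In tls13_handshake_advance_state_machine() the pre-increment runs before the bound check, so a failed advance still leaves message_number at or past TLS13_NUM_MESSAGE_TYPES. Because the field is now a uint8_t (struct hunk above), a caller that ignores the 0 return and keeps advancing would eventually wrap it back to 0 and into the valid range. Checking first keeps the index inside the table: `if (ctx->handshake.message_number >= TLS13_NUM_MESSAGE_TYPES - 1) return 0;` followed by `ctx->handshake.message_number++;`, though a failed advance then leaves the state on the last slot instead of reading as INVALID. Separately, tls13_handshake_active_action() can now return NULL, and tls13_connect()'s body lies outside this hunk, so it is not visible here whether every caller checks for NULL before dereferencing the action.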
@@ -331,13 +352,6 @@ tls13_accept(struct tls13_ctx *ctx)
 	return 1;
 }
 
-int
-tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
-{
-	ctx->handshake.message_number++;
-	return 0;
-}
-
 int
 tls13_handshake_send_action(struct tls13_ctx *ctx,
     struct tls13_handshake_action *action)
-- 
cgit v1.2.3-55-g6feb