From 954740e2a8c891fcfb2653a1104909e2c4ef4554 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Sat, 4 Oct 2014 12:41:51 -0700 Subject: [PATCH] Added check for expected session ticket --- cyassl/error-ssl.h | 3 ++- cyassl/internal.h | 5 ++++- src/internal.c | 20 ++++++++++++++++++++ 3 files changed, 26 insertions(+), 2 deletions(-) diff --git a/cyassl/error-ssl.h b/cyassl/error-ssl.h index f8c7f8ac2..625cd8296 100644 --- a/cyassl/error-ssl.h +++ b/cyassl/error-ssl.h @@ -127,7 +127,8 @@ enum CyaSSL_ErrorCodes { /* end negotiation parameter errors only 10 for now */ /* add strings to SetErrorString !!!!! */ - SESSION_TICKET_LEN_E = -392 /* Session Ticket too large */ + SESSION_TICKET_LEN_E = -392, /* Session Ticket too large */ + SESSION_TICKET_EXPECT_E = -393 /* Session Ticket missing */ }; diff --git a/cyassl/internal.h b/cyassl/internal.h index 72e0fe674..47e854ebc 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -685,7 +685,6 @@ enum Misc { COMP_LEN = 1, /* compression length */ CURVE_LEN = 2, /* ecc named curve length */ SERVER_ID_LEN = 20, /* server session id length */ - SESSION_TICKET_LEN = 256, /* Session ticket length */ HANDSHAKE_HEADER_SZ = 4, /* type + length(3) */ RECORD_HEADER_SZ = 5, /* type + version + len(2) */ @@ -813,6 +812,10 @@ enum Misc { #define MAX_CHAIN_DEPTH 9 #endif +#ifndef SESSION_TICKET_LEN + #define SESSION_TICKET_LEN 256 +#endif + /* don't use extra 3/4k stack space unless need to */ #ifdef HAVE_NTRU diff --git a/src/internal.c b/src/internal.c index 613ca7b0b..bce25814e 100644 --- a/src/internal.c +++ b/src/internal.c @@ -6323,6 +6323,14 @@ int ProcessReply(CYASSL* ssl) } #endif +#ifdef HAVE_SESSION_TICKET + if (ssl->options.side == CYASSL_CLIENT_END && + ssl->expect_session_ticket) { + CYASSL_MSG("Expected session ticket missing"); + return SESSION_TICKET_EXPECT_E; + } +#endif + if (ssl->keys.encryptionOn && ssl->options.handShakeDone) { ssl->buffers.inputBuffer.idx += ssl->keys.padSz; ssl->curSize -= ssl->buffers.inputBuffer.idx; @@ -7678,9 +7686,14 @@ const char* CyaSSL_ERR_reason_error_string(unsigned long e) case SECURE_RENEGOTIATION_E: return "Invalid Renegotiation Error"; +#ifdef HAVE_SESSION_TICKET case SESSION_TICKET_LEN_E: return "Session Ticket Too Long Error"; + case SESSION_TICKET_EXPECT_E: + return "Session Ticket Error"; +#endif + default : return "unknown error number"; } @@ -10445,6 +10458,11 @@ int DoSessionTicket(CYASSL* ssl, word32 lifetime; word16 length; + if (ssl->expect_session_ticket == 0) { + CYASSL_MSG("Unexpected session ticket"); + return SESSION_TICKET_EXPECT_E; + } + if ((*inOutIdx - begin) + OPAQUE32_LEN > size) return BUFFER_ERROR; @@ -10488,6 +10506,8 @@ int DoSessionTicket(CYASSL* ssl, *inOutIdx += ssl->keys.padSz; } + ssl->expect_session_ticket = 0; + return BuildFinished(ssl, &ssl->verifyHashes, server); } #endif /* HAVE_SESSION_TICKET */