mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #3740 from SparkiDev/tls13_one_hrr_sh

Browse Source 
TLS 1.3: Only allow one ServerHello and one HelloRetryRequest
This commit is contained in:
toddouska 2021-02-09 14:59:10 -08:00 committed by GitHub
commit f63f0ccb94
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/tls13.c
View File

@ -2881,8 +2881,19 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if ((i - begin) + RAN_LEN + ENUM_LEN > helloSz)
return BUFFER_ERROR;
if (XMEMCMP(input + i, helloRetryRequestRandom, RAN_LEN) == 0)
if (XMEMCMP(input + i, helloRetryRequestRandom, RAN_LEN) == 0) {
*extMsgType = hello_retry_request;
/* A HelloRetryRequest comes in as an ServerHello for MiddleBox compat.
* Found message to be a HelloRetryRequest.
* Don't allow more than one HelloRetryRequest or ServerHello.
*/
if (ssl->msgsReceived.got_hello_retry_request == 1) {
return DUPLICATE_MSG_E;
}
/* Update counts to reflect change of message type. */
ssl->msgsReceived.got_hello_retry_request++;
ssl->msgsReceived.got_server_hello--;
}
/* Server random - keep for debugging. */
XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN);
@ -6757,7 +6768,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
return OUT_OF_ORDER_E;
}
#endif
if (ssl->msgsReceived.got_server_hello == 2) {
if (ssl->msgsReceived.got_server_hello == 1) {
WOLFSSL_MSG("Duplicate ServerHello received");
return DUPLICATE_MSG_E;
}