authorNikos Mavrogiannopoulos <nmav@gnutls.org>2019-02-23 21:19:06 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2019-02-23 21:22:00 +0100
commit908ef4ad2a3fa77bdfa77d347060c6b9ea313749 (patch)
tree028edffef2a44f7c3e3c0c56a5693beaf1afa325
parent79cffd45799e01c67144d24f1f623716d6fe765c (diff)
_gnutls_recv_handshake: added explicit sanity checkstmp-explicit-sanity-checks
Although this function acts on the message provided as expected, and thus should never call a message parsing function on unexpected messages, we make a more explicit sanity check. This unifies the sanity checks existing within the involved functions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r--lib/handshake.c26
-rw-r--r--lib/tls13/hello_retry.c2
2 files changed, 24 insertions, 4 deletions
diff --git a/lib/handshake.c b/lib/handshake.c
index 481210ebc0..32a85663c3 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -1526,6 +1526,11 @@ _gnutls_recv_handshake(gnutls_session_t session,
switch (hsk.htype) {
case GNUTLS_HANDSHAKE_CLIENT_HELLO_V2:
case GNUTLS_HANDSHAKE_CLIENT_HELLO:
+ if (!(IS_SERVER(session))) {
+ ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+ goto cleanup;
+ }
+
#ifdef ENABLE_SSL2
if (hsk.htype == GNUTLS_HANDSHAKE_CLIENT_HELLO_V2)
ret =
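Review bot: The role guard added at the top of the CLIENT_HELLO case is written `if (!(IS_SERVER(session)))` with a redundant pair of parentheses, and the same three-line block is repeated in the SERVER_HELLO, HELLO_VERIFY_REQUEST and HELLO_RETRY_REQUEST cases with no comment saying why it is there. I would write `if (!IS_SERVER(session)) {` here and put one comment above the first guard, e.g. `/* defence in depth: never hand a peer message to a parser that belongs to the other role */`, so the checks are not later removed as unreachable. No test is visible in this commit for the wrong-role cases; each of the four guards should be shown to fail the handshake with GNUTLS_E_UNEXPECTED_PACKET. The switch and the function continue outside the hunk.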
@@ -1552,6 +1557,11 @@ _gnutls_recv_handshake(gnutls_session_t session,
break;
case GNUTLS_HANDSHAKE_SERVER_HELLO:
+ if (IS_SERVER(session)) {
+ ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+ goto cleanup;
+ }
+
ret = read_server_hello(session, hsk.data.data,
hsk.data.length);
@@ -1562,6 +1572,11 @@ _gnutls_recv_handshake(gnutls_session_t session,
break;
case GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST:
+ if (IS_SERVER(session)) {
+ ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+ goto cleanup;
+ }
+
ret =
recv_hello_verify_request(session,
hsk.data.data,
@@ -1579,6 +1594,12 @@ _gnutls_recv_handshake(gnutls_session_t session,
case GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST: {
/* hash buffer synth message is generated during hello retry parsing */
gnutls_datum_t hrr = {hsk.data.data, hsk.data.length};
+
+ if (IS_SERVER(session)) {
+ ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+ goto cleanup;
+ }
+
ret =
_gnutls13_recv_hello_retry_request(session,
&hsk.data);
@@ -2466,10 +2487,9 @@ recv_hello_verify_request(gnutls_session_t session,
unsigned int nb_verifs;
int ret;
- if (!IS_DTLS(session)
- || session->security_parameters.entity == GNUTLS_SERVER) {
+ if (!IS_DTLS(session)) {
gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ return GNUTLS_E_UNEXPECTED_PACKET;
}
nb_verifs = ++session->internals.dtls.hsk_hello_verify_requests;
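Review bot: With the `security_parameters.entity == GNUTLS_SERVER` test removed, recv_hello_verify_request no longer rejects the message on a server by itself and depends on the new guard in _gnutls_recv_handshake, but nothing in the function records that. A comment above the remaining check would state the contract, e.g. `/* the caller has already rejected this message when we are the server */`. The switch from GNUTLS_E_INTERNAL_ERROR to GNUTLS_E_UNEXPECTED_PACKET here and in _gnutls13_recv_hello_retry_request (lib/tls13/hello_retry.c) is visible to applications and presumably changes the alert sent to the peer, so it deserves a sentence in the commit message. The function body continues outside the hunk.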
diff --git a/lib/tls13/hello_retry.c b/lib/tls13/hello_retry.c
index 7f2bd1e529..cc7fed1885 100644
--- a/lib/tls13/hello_retry.c
+++ b/lib/tls13/hello_retry.c
@@ -115,7 +115,7 @@ _gnutls13_recv_hello_retry_request(gnutls_session_t session,
/* only under TLS 1.3 */
if (IS_DTLS(session))
- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
if (session->internals.hsk_flags & HSK_HRR_RECEIVED)
return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);