record_add_to_buffers: check if there is an incomplete handshake headertmp-privkey-tls13

The function checks if a Handshake message is interleaved with an Application Data, but the check was insuffient because it assumed that a complete header is received in the buffer. This should also fix (1) of #699. Signed-off-by: Daiki Ueno <dueno@redhat.com>
author: Daiki Ueno <dueno@redhat.com> 2019-05-21 08:32:21 +0200
committer: Daiki Ueno <dueno@redhat.com> 2019-05-21 08:36:51 +0200
commit: c3d37da69d481cc85dd063d0f6d2af67778c4e37 (patch)
tree: 39033e3cfcde20425d7d047ea4bfd827ad7ff2ea
parent: f8529849999abc4f69dfbd162ea7e198a4835a58 (diff)
download: gnutls-tmp-privkey-tls13.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/record.c b/lib/record.c
index 7d661e2309..e17bebacdf 100644
--- a/lib/record.c
+++ b/lib/record.c
@@ -824,7 +824,9 @@ record_add_to_buffers(gnutls_session_t session,
 
 		/* application data cannot be inserted between (async) handshake
 		 * messages */
-		if (type == GNUTLS_APPLICATION_DATA && session->internals.handshake_recv_buffer_size != 0) {
+		if (type == GNUTLS_APPLICATION_DATA &&
+		    (session->internals.handshake_recv_buffer_size != 0 ||
+		     session->internals.handshake_header_recv_buffer.length != 0)) {
 			ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
 			goto unexpected_packet;
 		}
author	Daiki Ueno <dueno@redhat.com>	2019-05-21 08:32:21 +0200
committer	Daiki Ueno <dueno@redhat.com>	2019-05-21 08:36:51 +0200
commit	c3d37da69d481cc85dd063d0f6d2af67778c4e37 (patch)
tree	39033e3cfcde20425d7d047ea4bfd827ad7ff2ea
parent	f8529849999abc4f69dfbd162ea7e198a4835a58 (diff)
download	gnutls-tmp-privkey-tls13.tar.gz