diff options
author | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2022-11-23 10:39:46 +0100 |
---|---|---|
committer | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2023-01-27 15:13:26 +0100 |
commit | d8d6952f620e743b9f0be895f51179ffbacd0d11 (patch) | |
tree | a2a2e0033498ada9f7510289ad3ec42ba9b96f80 | |
parent | 91a59254eeb41a22d6e17d528ff4d8c3f62a3a7c (diff) | |
download | gnutls-d8d6952f620e743b9f0be895f51179ffbacd0d11.tar.gz |
DTLS1_3: Hello Retry Request
Use hello retry request instead of hello verify request
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
-rw-r--r-- | lib/buffers.c | 2 | ||||
-rw-r--r-- | lib/ext/key_share.c | 3 | ||||
-rw-r--r-- | lib/handshake.c | 3 | ||||
-rw-r--r-- | lib/tls13/hello_retry.c | 7 |
4 files changed, 7 insertions, 8 deletions
diff --git a/lib/buffers.c b/lib/buffers.c index 2a2aaecfec..abde55236c 100644 --- a/lib/buffers.c +++ b/lib/buffers.c @@ -952,7 +952,7 @@ parse_handshake_header(gnutls_session_t session, mbuffer_st * bufel, /* TLS1.3: distinguish server hello versus hello retry request. * The epitome of slick protocol design. */ - if (hsk->htype == GNUTLS_HANDSHAKE_SERVER_HELLO && hsk->start_offset == 0 && !IS_DTLS(session)) { + if (hsk->htype == GNUTLS_HANDSHAKE_SERVER_HELLO && hsk->start_offset == 0 ) { if (_mbuffer_get_udata_size(bufel) > handshake_header_size+2+GNUTLS_RANDOM_SIZE && memcmp(dataptr+handshake_header_size+2, HRR_RANDOM, GNUTLS_RANDOM_SIZE) == 0) { hsk->htype = GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST; diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c index 9a82e4d364..af46305826 100644 --- a/lib/ext/key_share.c +++ b/lib/ext/key_share.c @@ -698,7 +698,8 @@ key_share_send_params(gnutls_session_t session, if (ret < 0) return gnutls_assert_val(ret); - if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */ + if (session->internals.hsk_flags & HSK_HRR_RECEIVED && + ver->id != GNUTLS_DTLS1_3) { /* we know the group */ group = get_group(session); if (unlikely(group == NULL)) return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); diff --git a/lib/handshake.c b/lib/handshake.c index 38718b6d52..1633157230 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -3065,7 +3065,8 @@ static int handshake_client(gnutls_session_t session) IMED_RET("send hello", ret, 1); FALLTHROUGH; case STATE2: - if (IS_DTLS(session)) { + ver = _gnutls_version_max(session); + if (IS_DTLS(session) && !ver->tls13_sem) { ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST, diff --git a/lib/tls13/hello_retry.c b/lib/tls13/hello_retry.c index dd4cba576a..1226733329 100644 --- a/lib/tls13/hello_retry.c +++ b/lib/tls13/hello_retry.c @@ -113,10 +113,6 @@ _gnutls13_recv_hello_retry_request(gnutls_session_t session, gnutls_datum_t session_id; uint8_t random[GNUTLS_RANDOM_SIZE]; - /* only under TLS 1.3 */ - if (IS_DTLS(session)) - return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET); - if (session->internals.hsk_flags & HSK_HRR_RECEIVED) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET); @@ -127,7 +123,8 @@ _gnutls13_recv_hello_retry_request(gnutls_session_t session, if (ret < 0) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); - if (unlikely(tmp[0] != 0x03 || tmp[1] != 0x03)) + if (unlikely(!(tmp[0] == 0x03 && tmp[1] == 0x03) && + !(tmp[0] == 0xfe && tmp[1] == 0xfd))) return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); ret = _gnutls_buffer_pop_data(buf, random, GNUTLS_RANDOM_SIZE); |