diff options
author | Martin Thomson <martin.thomson@gmail.com> | 2017-11-21 11:48:30 +1100 |
---|---|---|
committer | Martin Thomson <martin.thomson@gmail.com> | 2017-11-21 11:48:30 +1100 |
commit | 2c56eef4056a2b038f4b7c8fa0505fd44a3b07ac (patch) | |
tree | c190e2b9afffdccfee8a22ccd956f2a2d2db41d3 | |
parent | 856a8fcb18b13e17ef04272b0e16057f274d2036 (diff) | |
download | nss-hg-2c56eef4056a2b038f4b7c8fa0505fd44a3b07ac.tar.gz |
Bug 1413786 - Ignore parse errors for encrypted handshake message, a=bustage
-rw-r--r-- | gtests/ssl_gtest/tls_filter.cc | 6 | ||||
-rw-r--r-- | gtests/ssl_gtest/tls_filter.h | 3 |
2 files changed, 7 insertions, 2 deletions
diff --git a/gtests/ssl_gtest/tls_filter.cc b/gtests/ssl_gtest/tls_filter.cc index a05cbb8bc..6706d2252 100644 --- a/gtests/ssl_gtest/tls_filter.cc +++ b/gtests/ssl_gtest/tls_filter.cc @@ -303,6 +303,7 @@ PacketFilter::Action TlsHandshakeFilter::FilterRecord( preceding_fragment_.Assign(handshake); continue; } + preceding_fragment_.Truncate(0); DataBuffer filtered; PacketFilter::Action action = FilterHandshake(header, handshake, &filtered); @@ -350,13 +351,14 @@ bool TlsHandshakeFilter::HandshakeHeader::ReadLength( } message_seq_ = message_seq_tmp; - uint32_t offset; + uint32_t offset = 0; if (!parser->Read(&offset, 3)) { return false; } // We only parse if the fragments are all complete and in order. if (offset != expected_offset) { - ADD_FAILURE() << "Received out of order handshake fragments"; + EXPECT_NE(0U, header.epoch()) + << "Received out of order handshake fragment for epoch 0"; return false; } diff --git a/gtests/ssl_gtest/tls_filter.h b/gtests/ssl_gtest/tls_filter.h index 3e7c8d3a4..5bd804f18 100644 --- a/gtests/ssl_gtest/tls_filter.h +++ b/gtests/ssl_gtest/tls_filter.h @@ -50,6 +50,9 @@ class TlsRecordHeader : public TlsVersioned { uint8_t content_type() const { return content_type_; } uint64_t sequence_number() const { return sequence_number_; } + uint16_t epoch() const { + return static_cast<uint16_t>(sequence_number_ >> 48); + } size_t header_length() const { return is_dtls() ? 13 : 5; } // Parse the header; return true if successful; body in an outparam if OK. |