Drop out-of-sequence ChangeCipherSpec messages

Manuel Pégourié-Gonnard 2014-09-20 10:04:00 +02:00 committed by Paul Bakker
parent 7cf3518284
commit 767c69561b


@ -2637,7 +2637,7 @@ static int ssl_prepare_handshake_record( ssl_context *ssl )
}
else
{
SSL_DEBUG_MSG( 2, ( "dropping out-of-order message: "
SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: "
"message_seq = %d, expected = %d",
recv_msg_seq,
ssl->handshake->in_msg_seq ) );
@ -3017,6 +3017,20 @@ read_record_header:
}
}
#if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
{
/* Drop unexpected ChangeCipherSpec messages */
if( ssl->in_msgtype == SSL_MSG_CHANGE_CIPHER_SPEC &&
ssl->state != SSL_CLIENT_CHANGE_CIPHER_SPEC &&
ssl->state != SSL_SERVER_CHANGE_CIPHER_SPEC )
{
SSL_DEBUG_MSG( 2, ( "dropping unexpected ChangeCipherSpec" ) );
return( POLARSSL_ERR_NET_WANT_READ );
}
}
#endif
SSL_DEBUG_MSG( 2, ( "<= read record" ) );
return( 0 );
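Review bot: The drop at `return( POLARSSL_ERR_NET_WANT_READ );` reports the discarded record to the caller as "no data yet", so a caller that waits for socket readability before retrying could stall if further records are already buffered. If other discarded DTLS records in this function loop back to the `read_record_header` label named in the hunk header, this path should probably do the same; the rest of the function is outside the hunk, so that needs confirming. The check is also limited to `SSL_TRANSPORT_DATAGRAM`, and nothing visible here shows how an early ChangeCipherSpec is rejected on stream transport, where it should be a fatal error rather than a silent drop. To help triage injected or reordered records, the debug line could include the state, e.g. `SSL_DEBUG_MSG( 2, ( "dropping unexpected ChangeCipherSpec, state = %d", ssl->state ) );`.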