Fix NewSesssionTicket vs ChangeCipherSpec bug

Since we were cheating on state, ssl_read_record() wasn't able to drop
out-of-sequence ChangeCipherSpec messages. Cheat a bit less.
This commit is contained in:
Manuel Pégourié-Gonnard 2014-09-20 13:54:12 +02:00 committed by Paul Bakker
parent a6189f0fb0
commit cd32a50d67

View file

@ -2686,6 +2686,7 @@ static int ssl_parse_new_session_ticket( ssl_context *ssl )
/* We're not waiting for a NewSessionTicket message any more */
ssl->handshake->new_session_ticket = 0;
ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC;
/*
* Zero-length ticket means the server changed his mind and doesn't want
@ -2751,6 +2752,16 @@ int ssl_handshake_client_step( ssl_context *ssl )
}
#endif
/* Change state now, so that it is right in ssl_read_record(), used
* by DTLS for dropping out-of-sequence ChangeCipherSpec records */
#if defined(POLARSSL_SSL_SESSION_TICKETS)
if( ssl->state == SSL_SERVER_CHANGE_CIPHER_SPEC &&
ssl->handshake->new_session_ticket != 0 )
{
ssl->state = SSL_SERVER_NEW_SESSION_TICKET;
}
#endif
switch( ssl->state )
{
case SSL_HELLO_REQUEST:
@ -2823,12 +2834,13 @@ int ssl_handshake_client_step( ssl_context *ssl )
* ChangeCipherSpec
* Finished
*/
case SSL_SERVER_CHANGE_CIPHER_SPEC:
#if defined(POLARSSL_SSL_SESSION_TICKETS)
if( ssl->handshake->new_session_ticket != 0 )
case SSL_SERVER_NEW_SESSION_TICKET:
ret = ssl_parse_new_session_ticket( ssl );
else
break;
#endif
case SSL_SERVER_CHANGE_CIPHER_SPEC:
ret = ssl_parse_change_cipher_spec( ssl );
break;