[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell matt at openssl.org
Wed Nov 2 23:32:22 UTC 2016


The branch OpenSSL_1_0_2-stable has been updated
       via  563a34e18eb34f86fb26944724d4aa21ebaea850 (commit)
       via  f1185392189641014dca94f3fe7834bccb5f4c16 (commit)
      from  ad69a30323cbc6723c2387d6ce546a51b10c42d0 (commit)


- Log -----------------------------------------------------------------
commit 563a34e18eb34f86fb26944724d4aa21ebaea850
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Nov 2 22:27:22 2016 +0000

    Add a CHANGES entry for the unrecognised record type change
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

commit f1185392189641014dca94f3fe7834bccb5f4c16
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Nov 2 22:26:17 2016 +0000

    Fail if an unrecognised record type is received
    
    TLS1.0 and TLS1.1 say you SHOULD ignore unrecognised record types, but
    TLS 1.2 says you MUST send an unexpected message alert. We swap to the
    TLS 1.2 behaviour for all protocol versions to prevent issues where no
    progress is being made and the peer continually sends unrecognised record
    types, using up resources processing them.
    
    Issue reported by 郭志攀
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 CHANGES      |  6 +++++-
 ssl/s3_pkt.c | 13 +++++--------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/CHANGES b/CHANGES
index 009b7ef..1fbe3b3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,11 @@
 
  Changes between 1.0.2j and 1.0.2k [xx XXX xxxx]
 
-  *)
+  *) OpenSSL now fails if it receives an unrecognised record type in TLS1.0
+     or TLS1.1. Previously this only happened in SSLv3 and TLS1.2. This is to
+     prevent issues where no progress is being made and the peer continually
+     sends unrecognised record types, using up resources processing them.
+     [Matt Caswell]
 
  Changes between 1.0.2i and 1.0.2j [26 Sep 2016]
 
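Review bot: the entry says what changed ("previously this only happened in SSLv3 and TLS1.2", which matches the removed version check) but not what a peer will observe, and this is a behaviour change on a stable branch. Say that the connection is now torn down with a fatal unexpected_message alert (the code sets SSL_AD_UNEXPECTED_MESSAGE) and cite RFC 5246 section 6 as the source of the MUST, so someone reading the changelog after an interop breakage can match it to the alert they see.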
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 7e3a7b4..cb74d46 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1605,16 +1605,13 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 
     switch (rr->type) {
     default:
-#ifndef OPENSSL_NO_TLS
         /*
-         * TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
-         * an unexpected message alert.
+         * TLS 1.0 and 1.1 say you SHOULD ignore unrecognised record types, but
+         * TLS 1.2 says you MUST send an unexpected message alert. We use the
+         * TLS 1.2 behaviour for all protocol versions to prevent issues where
+         * no progress is being made and the peer continually sends unrecognised
+         * record types, using up resources processing them.
          */
-        if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION) {
-            rr->length = 0;
-            goto start;
-        }
-#endif
         al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
         goto f_err;
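Review bot: the new comment paraphrases three specs without naming them; since the default case now deliberately departs from what the TLS 1.0/1.1 RFCs recommend, cite them inline (RFC 2246 and RFC 4346 section 6.2.1 for the SHOULD ignore, RFC 5246 section 6 for the MUST send unexpected_message) so the next person touching this switch does not "fix" it back. Dropping the #ifndef OPENSSL_NO_TLS guard is also what makes the alert path unconditional; that is correct, because the guard only wrapped the ignore branch and the fall-through already produced the alert in non-TLS builds, but a sentence in the commit message saying so would spare reviewers working that out.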

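As an added illustration of the two policies the commit contrasts (this is not OpenSSL code, and the function and policy names are hypothetical): a minimal record-layer reader walks a constructed byte stream of TLS records in which three records carry the unassigned content type 0x99. Under the old TLS 1.0/1.1 behaviour the unknown records are discarded and the reader keeps going, so a peer can feed them indefinitely; under the TLS 1.2 behaviour now used for every version, the first one ends processing with an unexpected_message alert.

```c
/* Added example, not OpenSSL code. Helper names and the sample stream are
 * constructed for illustration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TLS_RECORD_HDR_LEN 5     /* ContentType(1) version(2) length(2) */
#define AD_UNEXPECTED_MESSAGE 10 /* AlertDescription, RFC 5246 section 7.2 */

/* ContentType values from RFC 5246 section 6.2.1. */
enum { CT_CHANGE_CIPHER_SPEC = 20, CT_ALERT = 21, CT_HANDSHAKE = 22,
       CT_APPLICATION_DATA = 23 };

enum { POLICY_IGNORE_UNKNOWN = 0, POLICY_FATAL_ALERT = 1 };

/* Append one TLS 1.0 record (version 3,1) to out; 0 if it does not fit. */
static size_t put_record(uint8_t *out, size_t cap, uint8_t type,
                         const uint8_t *body, size_t body_len)
{
    if (body_len > 0xFFFF || cap < TLS_RECORD_HDR_LEN + body_len)
        return 0;
    out[0] = type;
    out[1] = 3;
    out[2] = 1;
    out[3] = (uint8_t)(body_len >> 8);
    out[4] = (uint8_t)(body_len & 0xFF);
    memcpy(out + TLS_RECORD_HDR_LEN, body, body_len);
    return TLS_RECORD_HDR_LEN + body_len;
}

/* Constructed stream: one handshake record, three records of the unassigned
 * content type 0x99, then one application-data record. Returns total bytes. */
size_t build_sample_stream(uint8_t *out, size_t cap)
{
    static const uint8_t hs[] = { 0x01, 0x02 };     /* placeholder bytes */
    static const uint8_t junk[] = { 0xAA, 0xBB, 0xCC };
    static const uint8_t app[] = { 'h', 'i' };
    size_t n = 0, w;
    int i;

    if ((w = put_record(out, cap, CT_HANDSHAKE, hs, sizeof hs)) == 0) return 0;
    n += w;
    for (i = 0; i < 3; i++) {
        if ((w = put_record(out + n, cap - n, 0x99, junk, sizeof junk)) == 0) return 0;
        n += w;
    }
    if ((w = put_record(out + n, cap - n, CT_APPLICATION_DATA, app, sizeof app)) == 0) return 0;
    return n + w;
}

/* Walk the records in buf under the given policy. Returns 1 when the whole
 * stream was consumed, 0 when the policy demands a fatal alert (*alert is set
 * to the AlertDescription), -1 on a truncated record. *known and *unknown
 * count the records examined before returning. */
int read_records(const uint8_t *buf, size_t len, int policy,
                 size_t *known, size_t *unknown, int *alert)
{
    size_t off = 0;

    *known = *unknown = 0;
    *alert = 0;
    while (off < len) {
        uint8_t type;
        size_t body_len;

        if (len - off < TLS_RECORD_HDR_LEN)
            return -1;
        type = buf[off];
        body_len = ((size_t)buf[off + 3] << 8) | buf[off + 4];
        if (len - off - TLS_RECORD_HDR_LEN < body_len)
            return -1;

        switch (type) {
        case CT_CHANGE_CIPHER_SPEC:
        case CT_ALERT:
        case CT_HANDSHAKE:
        case CT_APPLICATION_DATA:
            (*known)++;
            break;
        default:
            (*unknown)++;
            if (policy == POLICY_FATAL_ALERT) {
                *alert = AD_UNEXPECTED_MESSAGE; /* RFC 5246 section 6: MUST */
                return 0;
            }
            /* TLS 1.0/1.1 SHOULD-ignore: discard and keep reading, so a peer
             * can keep us busy without the connection ever progressing. */
            break;
        }
        off += TLS_RECORD_HDR_LEN + body_len;
    }
    return 1;
}

int main(void)
{
    uint8_t buf[128];
    size_t n = build_sample_stream(buf, sizeof buf), known, unknown;
    int alert, rc;

    rc = read_records(buf, n, POLICY_IGNORE_UNKNOWN, &known, &unknown, &alert);
    printf("ignore policy: rc=%d known=%zu unknown=%zu\n", rc, known, unknown);
    rc = read_records(buf, n, POLICY_FATAL_ALERT, &known, &unknown, &alert);
    printf("alert policy:  rc=%d known=%zu unknown=%zu alert=%d\n",
           rc, known, unknown, alert);
    return 0;
}
```

The reader stops at the record header on purpose: the point of the commit is that the decision can be made before any work is spent on the body, which is exactly what the ignore policy fails to do when a peer sends nothing but unknown types.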

More information about the openssl-commits mailing list