[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Wed Sep 21 19:23:44 UTC 2016
The branch master has been updated
via af58be768ebb690f78530f796e92b8ae5c9a4401 (commit)
from 7dc0ad4d6dca81a003be7fa1fbd58a55f4be8646 (commit)
- Log -----------------------------------------------------------------
commit af58be768ebb690f78530f796e92b8ae5c9a4401
Author: Matt Caswell <matt at openssl.org>
Date: Wed Sep 21 14:07:31 2016 +0100
Don't allow too many consecutive warning alerts
Certain warning alerts are ignored if they are received. This can mean that
no progress will be made if one peer continually sends those warning alerts.
Implement a count so that we abort the connection if we receive too many.
Issue reported by Shi Lei.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
include/openssl/ssl.h | 1 +
ssl/record/rec_layer_d1.c | 16 ++++++++++++++++
ssl/record/rec_layer_s3.c | 16 ++++++++++++++++
ssl/record/record.h | 2 ++
ssl/record/record_locl.h | 2 ++
ssl/ssl_err.c | 1 +
6 files changed, 38 insertions(+)
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 183296c..d127c76 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2485,6 +2485,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_TLS_HEARTBEAT_PENDING 366
# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_WARN_ALERTS 409
# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index cd582f3..2455c2b 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -443,6 +443,14 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
}
}
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_ALERT
+ && SSL3_RECORD_get_length(rr) != 0)
+ s->rlayer.alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -722,6 +730,14 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+
+ s->rlayer.alert_count++;
+ if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
#ifndef OPENSSL_NO_SCTP
/*
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 46870c0..abde9d4 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1063,6 +1063,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
} while (num_recs == 0);
rr = &rr[curr_rec];
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_ALERT
+ && SSL3_RECORD_get_length(rr) != 0)
+ s->rlayer.alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1333,6 +1341,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
SSL3_RECORD_set_read(rr);
+
+ s->rlayer.alert_count++;
+ if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return (0);
diff --git a/ssl/record/record.h b/ssl/record/record.h
index a093aed..3e1530f 100644
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -178,6 +178,8 @@ typedef struct record_layer_st {
unsigned char write_sequence[SEQ_NUM_SIZE];
/* Set to true if this is the first record in a connection */
unsigned int is_first_record;
+ /* Count of the number of consecutive warning alerts received */
+ unsigned int alert_count;
DTLS_RECORD_LAYER *d;
} RECORD_LAYER;
diff --git a/ssl/record/record_locl.h b/ssl/record/record_locl.h
index 52e59e4..b69afd8 100644
--- a/ssl/record/record_locl.h
+++ b/ssl/record/record_locl.h
@@ -14,6 +14,8 @@
* *
*****************************************************************************/
+#define MAX_WARN_ALERT_COUNT 5
+
/* Functions/macros provided by the RECORD_LAYER component */
#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index bba7cdb..ec550be 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -617,6 +617,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
"tls illegal exporter label"},
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
"tls invalid ecpointformat list"},
+ {ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
{ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
"unable to find ecdh parameters"},
{ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
More information about the openssl-commits
mailing list