[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Wed Sep 21 19:23:55 UTC 2016
The branch OpenSSL_1_1_0-stable has been updated
via 6915f39e68f02ad08a635516d46e72bbf0379914 (commit)
from e7498968e229a4ec27702a3703826873a279a07b (commit)
- Log -----------------------------------------------------------------
commit 6915f39e68f02ad08a635516d46e72bbf0379914
Author: Matt Caswell <matt at openssl.org>
Date: Wed Sep 21 14:07:31 2016 +0100
Don't allow too many consecutive warning alerts
Certain warning alerts are ignored if they are received. This can mean that
no progress will be made if one peer continually sends those warning alerts.
Implement a count so that we abort the connection if we receive too many.
Issue reported by Shi Lei.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit af58be768ebb690f78530f796e92b8ae5c9a4401)
-----------------------------------------------------------------------
Summary of changes:
include/openssl/ssl.h | 1 +
ssl/record/rec_layer_d1.c | 16 ++++++++++++++++
ssl/record/rec_layer_s3.c | 16 ++++++++++++++++
ssl/record/record.h | 2 ++
ssl/record/record_locl.h | 2 ++
ssl/ssl_err.c | 1 +
6 files changed, 38 insertions(+)
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 41cb36e..440b9a0 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2482,6 +2482,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_TLS_HEARTBEAT_PENDING 366
# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_WARN_ALERTS 409
# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index cd582f3..2455c2b 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -443,6 +443,14 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
}
}
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_ALERT
+ && SSL3_RECORD_get_length(rr) != 0)
+ s->rlayer.alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -722,6 +730,14 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+
+ s->rlayer.alert_count++;
+ if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
#ifndef OPENSSL_NO_SCTP
/*
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 46870c0..abde9d4 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1063,6 +1063,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
} while (num_recs == 0);
rr = &rr[curr_rec];
+ /*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_ALERT
+ && SSL3_RECORD_get_length(rr) != 0)
+ s->rlayer.alert_count = 0;
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1333,6 +1341,14 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
SSL3_RECORD_set_read(rr);
+
+ s->rlayer.alert_count++;
+ if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+ goto f_err;
+ }
+
if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return (0);
diff --git a/ssl/record/record.h b/ssl/record/record.h
index a093aed..3e1530f 100644
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -178,6 +178,8 @@ typedef struct record_layer_st {
unsigned char write_sequence[SEQ_NUM_SIZE];
/* Set to true if this is the first record in a connection */
unsigned int is_first_record;
+ /* Count of the number of consecutive warning alerts received */
+ unsigned int alert_count;
DTLS_RECORD_LAYER *d;
} RECORD_LAYER;
diff --git a/ssl/record/record_locl.h b/ssl/record/record_locl.h
index 52e59e4..b69afd8 100644
--- a/ssl/record/record_locl.h
+++ b/ssl/record/record_locl.h
@@ -14,6 +14,8 @@
* *
*****************************************************************************/
+#define MAX_WARN_ALERT_COUNT 5
+
/* Functions/macros provided by the RECORD_LAYER component */
#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 1fddda6..85cb489 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -614,6 +614,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
"tls illegal exporter label"},
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
"tls invalid ecpointformat list"},
+ {ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
{ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
"unable to find ecdh parameters"},
{ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
More information about the openssl-commits
mailing list