[openssl-dev] [openssl.org #3703] 1.0.2 regression with Cisco DTLS_BAD_VER
David Woodhouse via RT
rt at openssl.org
Tue Feb 17 21:48:34 UTC 2015
Commit 9cf0f187 in HEAD, and 68039af3 in 1.0.2, removed a version check
from dtls1_buffer_message() which was needed to distinguish between DTLS
1.x and Cisco's pre-standard version of DTLS.
$DEITY knows why Cisco haven't moved to the standard version of DTLS by
now. The RFC was published in 2006, and since you can tell the
difference on the wire it's *trivial* to have the server accept both and
upgrade the clients piecemeal. The ocserv server manages this.
But it isn't our place to marvel at Cisco's incompetence (like the fact
that their DTLS implementation is still dropping out-of-order received
packets, 6½ years after I fixed RT#1752). Our place is to try to be
compatible with it. And this commit broke that, causing the OpenConnect
VPN client to abort:
Connected vpntest0 as 192.168.1.13, using SSL
d1_both.c(1112): OpenSSL internal error, assertion failed: s->d1->w_msg_hdr.msg_len + DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num
Aborted (core dumped)
---
The patch below fixes it. Tested in 1.0.2, but I haven't tested with
HEAD yet because I need to work out how to set up the DTLS session to be
"resumed" — none of this compiles any more...
../dtls.c: In function 'start_dtls_handshake':
../dtls.c:141:24: error: dereferencing pointer to incomplete type
vpninfo->dtls_session->ssl_version = 0x0100; /* DTLS1_BAD_VER */
^
../dtls.c:145:23: error: dereferencing pointer to incomplete type
vpninfo->dtls_session->master_key_length = sizeof(vpninfo->dtls_secret);
^
../dtls.c:146:30: error: dereferencing pointer to incomplete type
memcpy(vpninfo->dtls_session->master_key, vpninfo->dtls_secret,
^
../dtls.c:149:23: error: dereferencing pointer to incomplete type
vpninfo->dtls_session->session_id_length = sizeof(vpninfo->dtls_session_id);
^
../dtls.c:150:30: error: dereferencing pointer to incomplete type
memcpy(vpninfo->dtls_session->session_id, vpninfo->dtls_session_id,
^
../dtls.c:170:23: error: dereferencing pointer to incomplete type
vpninfo->dtls_session->cipher = dtls_cipher;
^
../dtls.c:171:23: error: dereferencing pointer to incomplete type
vpninfo->dtls_session->cipher_id = dtls_cipher->id;
^
../dtls.c:171:48: error: dereferencing pointer to incomplete type
vpninfo->dtls_session->cipher_id = dtls_cipher->id;
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 2553c3d..1116416 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -1108,8 +1108,9 @@ int dtls1_buffer_message(SSL *s, int is_ccs)
memcpy(frag->fragment, s->init_buf->data, s->init_num);
if (is_ccs) {
+ /* For DTLS_BAD_VER the header length is non-standard */
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
+ ((s->version==DTLS1_VERSION)?DTLS1_CCS_HEADER_LENGTH:3) == (unsigned int)s->init_num);
} else {
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150217/de249ba9/attachment.bin>
More information about the openssl-dev
mailing list