diff options
| author | Andy Polyakov <appro@openssl.org> | 2007-09-30 21:20:59 +0000 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2007-09-30 21:20:59 +0000 |
| commit | 0a89c575de613ff6fa3506b6ec025e786f9d0097 (patch) | |
| tree | f272c4e03bdb0a9800281c527f1710b1ba5965dd /ssl/d1_pkt.c | |
| parent | 4c860910df4417f7229c4c864c726e4b187b65b2 (diff) | |
Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
server interoperates with non-compliant pre-0.9.8f.
Diffstat (limited to 'ssl/d1_pkt.c')
| -rw-r--r-- | ssl/d1_pkt.c | 65 |
1 files changed, 29 insertions, 36 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 24ef9ec3d2..333a26c0c2 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -974,47 +974,40 @@ start: } if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) - { - struct ccs_header_st ccs_hdr; + { + struct ccs_header_st ccs_hdr; dtls1_get_ccs_header(rr->data, &ccs_hdr); - if ( ccs_hdr.seq == s->d1->handshake_read_seq) - { - /* 'Change Cipher Spec' is just a single byte, so we know - * exactly what the record payload has to look like */ - /* XDTLS: check that epoch is consistent */ - if ( (rr->length != DTLS1_CCS_HEADER_LENGTH) || - (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) - { - i=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); - goto err; - } - - rr->length=0; - - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, - rr->data, 1, s, s->msg_callback_arg); - - s->s3->change_cipher_spec=1; - if (!ssl3_do_change_cipher_spec(s)) - goto err; - - /* do this whenever CCS is processed */ - dtls1_reset_seq_numbers(s, SSL3_CC_READ); - - /* handshake read seq is reset upon handshake completion */ - s->d1->handshake_read_seq++; - - goto start; - } - else + /* 'Change Cipher Spec' is just a single byte, so we know + * exactly what the record payload has to look like */ + /* XDTLS: check that epoch is consistent */ + if ( (s->client_version == DTLS1_BAD_VER && rr->length != 3) || + (s->client_version != DTLS1_BAD_VER && rr->length != DTLS1_CCS_HEADER_LENGTH) || + (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) { - rr->length = 0; - goto start; + i=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); + goto err; } + + rr->length=0; + + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, + rr->data, 1, s, s->msg_callback_arg); + + s->s3->change_cipher_spec=1; + if (!ssl3_do_change_cipher_spec(s)) + goto err; + + /* do this whenever CCS is processed */ + dtls1_reset_seq_numbers(s, SSL3_CC_READ); + + /* handshake read seq is reset upon handshake completion */ + s->d1->handshake_read_seq++; + + goto start; } /* Unexpected handshake message (Client Hello, or protocol violation) */ |