author | Matt Caswell <matt@openssl.org> | 2017-05-08 13:10:26 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-05-11 13:13:04 +0100 |
commit | f66f8a4491f5c2207ed054fc35eb6a479ab8ecdc (patch) | |
tree | bf4316b1211e18dadc81d28d386f2c91e2795ca0 /ssl/record | |
parent | c2bdf05f4b5430b5cc9d8122295b8484280e070f (diff) |
Reject unknown warning alerts in TLSv1.3
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3436)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/rec_layer_s3.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 60bfd3c798..8d0a97be98 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1489,6 +1489,15 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
 return 0;
 }
 /*
+ * Apart from close_notify the only other warning alert in TLSv1.3
+ * is user_cancelled - which we just ignore.
+ */
+ if (SSL_IS_TLS13(s) && alert_descr != SSL_AD_USER_CANCELLED) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
+ goto f_err;
+ }
+ /*
 * This is a warning but we receive it if we requested
 * renegotiation and the peer denied it. Terminate with a fatal
 * alert because if application tried to renegotiate it
@@ -1496,7 +1505,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
 * future we might have a renegotiation where we don't care if
 * the peer refused it where we carry on.
 */
- else if (alert_descr == SSL_AD_NO_RENEGOTIATION) {
+ if (alert_descr == SSL_AD_NO_RENEGOTIATION) {
 al = SSL_AD_HANDSHAKE_FAILURE;
 SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_NO_RENEGOTIATION);
 goto f_err; |
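Review bot: The new comment and the SSL_R_UNKNOWN_ALERT_TYPE reason understate what the check does: in the first hunk any warning-level alert other than user_cancelled is rejected for TLSv1.3, including well-known descriptors such as no_renegotiation or bad_certificate that a peer sends at warning level, which is the right behaviour since TLS 1.3 treats every alert other than close_notify and user_canceled as fatal regardless of the level byte. The comment would be clearer as `* In TLSv1.3 the alert level is not meaningful: apart from close_notify (handled above) only user_cancelled may arrive as a warning, and we ignore it; anything else is treated as fatal.` The `else if` to `if` change in the second hunk is only safe because the close_notify branch that ends just above the hunk (`return 0; }`) always leaves this block, so that invariant is worth a one-line comment at the new `if`. SSL_IS_TLS13(s) presumably reflects the negotiated version, so a warning alert arriving before version negotiation completes still takes the legacy path; confirm that is intended. ssl3_read_bytes begins and ends outside both hunks.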