author | Tomas Mraz <tomas@openssl.org> | 2022-03-22 12:34:07 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-03-30 11:35:54 +0200 |
commit | fb67978a9eb076b23ddf17f6b95f697ed526c584 (patch) | |
tree | a45e465961e059bb950e9c071e788318fa0f5d2d /ssl | |
parent | 739d2bdfba536ff59e8444eb4295b53288ac5caf (diff) |
tls_process_server_hello: Disallow repeated HRR
Repeated HRR must be rejected.
Fixes #17934
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17936)
(cherry picked from commit d204a50b898435fbf937316d5693008cebf62eef)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/statem_clnt.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index d1a3969812..e3aba393f9 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1422,6 +1422,10 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)
 && sversion == TLS1_2_VERSION
 && PACKET_remaining(pkt) >= SSL3_RANDOM_SIZE
 && memcmp(hrrrandom, PACKET_data(pkt), SSL3_RANDOM_SIZE) == 0) {
+ if (s->hello_retry_request != SSL_HRR_NONE) {
+ SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto err;
+ }
 s->hello_retry_request = SSL_HRR_PENDING;
 hrr = 1;
 if (!PACKET_forward(pkt, SSL3_RANDOM_SIZE)) {
|
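Review bot: The new guard `if (s->hello_retry_request != SSL_HRR_NONE)` carries no comment explaining why a second HelloRetryRequest is fatal, and a reader of this branch only sees the random-value match that identifies an HRR. I would add, directly above the check, `/* RFC 8446 4.1.4: a second HelloRetryRequest in the same connection MUST abort the handshake with unexpected_message */`, which also justifies the SSL_AD_UNEXPECTED_MESSAGE alert chosen on the next line. The check is correctly placed before `s->hello_retry_request = SSL_HRR_PENDING` overwrites the state, so the earlier HRR is still visible when it runs. The diffstat is limited to 'ssl', so whether a regression test accompanies this change cannot be told from here. tls_process_server_hello starts and ends outside the hunk.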