generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Return errors even if the cookie validation has succeeded

Browse Source 
In the DTLS ClientHello processing the return value is stored in |ret| which
by default is -1. We wish to return 1 on success or 2 on success *and* we
have validated the DTLS cookie. Previously on successful validation of the
cookie we were setting |ret| to 2. Unfortunately if we later encounter an
error then we can end up returning a successful (positive) return code from
the function because we already set |ret| to a positive value.

This does not appear to have a security consequence because the handshake
just fails at a later point.

Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Matt Caswell 2015-11-30 10:38:54 +00:00
parent 98b94544e5
commit 41d049e1cd
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ssl/s3_srvr.c
View File

@ -966,7 +966,7 @@ int ssl3_check_client_hello(SSL *s)
int ssl3_get_client_hello(SSL *s)
{
int i, j, ok, al, ret = -1;
int i, j, ok, al, ret = -1, cookie_valid = 0;;
unsigned int cookie_len;
long n;
unsigned long id;
@ -1154,8 +1154,7 @@ int ssl3_get_client_hello(SSL *s)
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
goto f_err;
}
ret = 2;
cookie_valid = 1;
}
p += cookie_len;
@ -1491,8 +1490,7 @@ int ssl3_get_client_hello(SSL *s)
}
}
if (ret < 0)
ret = 1;
ret = cookie_valid ? 2 : 1;
if (0) {
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
@ -1502,7 +1500,7 @@ int ssl3_get_client_hello(SSL *s)
if (ciphers != NULL)
sk_SSL_CIPHER_free(ciphers);
return (ret);
return ret;
}
int ssl3_send_server_hello(SSL *s)