commit 83cdffc437ad8b265e41eaf8a4f88e1658328be2
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Mar 10 21:20:29 2014 +0100
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Mar 13 19:25:06 2014 +0100
tree d8dd87a79cf50b67e69b8f46cbbb447ab0da79d9
parent 3c599f11b03a5bec57187b92f3dcef9ab15f91b5

Forbid sequence number wrapping

library/error.c

diff --git a/library/error.c b/library/error.c
index 64dc0f5..4aa167f 100644
--- a/library/error.c
+++ b/library/error.c
@@ -433,6 +433,8 @@
             snprintf( buf, buflen, "SSL - Unkown identity received (eg, PSK identity)" );
         if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) )
             snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" );
+        if( use_ret == -(POLARSSL_ERR_SSL_COUNTER_WRAPPING) )
+            snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" );
 #endif /* POLARSSL_SSL_TLS_C */
 
 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4f3095c..20cb9bd 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1309,6 +1309,13 @@
         if( ++ssl->out_ctr[i - 1] != 0 )
             break;
 
+    /* The loops goes to its end iff the counter is wrapping */
+    if( i == 0 )
+    {
+        SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
+        return( POLARSSL_ERR_SSL_COUNTER_WRAPPING );
+    }
+
     SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) );
 
     return( 0 );
@@ -1775,6 +1782,13 @@
         if( ++ssl->in_ctr[i - 1] != 0 )
             break;
 
+    /* The loops goes to its end iff the counter is wrapping */
+    if( i == 0 )
+    {
+        SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) );
+        return( POLARSSL_ERR_SSL_COUNTER_WRAPPING );
+    }
+
     SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
 
     return( 0 );