TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 888fedea06bfa267b81237ab4d2f336621b536da^2..888fedea06bfa267b81237ab4d2f336621b536da / .
commit888fedea06bfa267b81237ab4d2f336621b536da[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Tue Nov 14 08:24:22 2017 +0100
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Tue Nov 14 08:24:22 2017 +0100
treecc43cf256f60cc45037f6c0be27d4bf3e5bc87c6
parent6f63db7ed5cd3ae664273540b0a7d7b6119641b7 [diff]
parent005939db984168406d8fed04874379677cdd630f [diff]
Merge branch 'development' into development-restricted

* development: (30 commits)
  update README file (#1144)
  Fix typo in asn1.h
  Improve leap year test names in x509parse.data
  Correctly handle leap year in x509_date_is_valid()
  Renegotiation: Add tests for SigAlg ext parsing
  Parse Signature Algorithm ext when renegotiating
  Minor style fix
  config.pl get: be better behaved
  config.pl get: don't rewrite config.h; detect write errors
  Fixed "config.pl get" for options with no value
  Fix typo and bracketing in macro args
  Ensure failed test_suite output is sent to stdout
  Remove use of GNU sed features from ssl-opt.sh
  Fix typos in ssl-opt.sh comments
  Add ssl-opt.sh test to check gmt_unix_time is good
  Extend ssl-opt.h so that run_test takes function
  Always print gmt_unix_time in TLS client
  Restored note about using minimum functionality in makefiles
  Note in README that GNU make is required
  Fix changelog for ssl_server2.c usage fix
  ...

diff --git a/ChangeLog b/ChangeLog
index e7abd5c..ded60d3 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,6 +6,8 @@
    * Allow comments in test data files.
 
 Bugfix
+   * Fix ssl_parse_record_header() to silently discard invalid DTLS records
+     as recommended in RFC 6347 Section 4.1.2.7.
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
      Found by projectgus and jethrogb, #836.
    * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index de2490c..8467b13 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -3493,8 +3493,15 @@
         ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
-        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        /* Silently ignore invalid DTLS records as recommended by RFC 6347
+         * Section 4.1.2.7 */
+        if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                    MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+
         return( MBEDTLS_ERR_SSL_INVALID_RECORD );
     }
 
@@ -6180,7 +6187,6 @@
 
     /* Check if new hostname is valid before
      * making any change to current one */
-
     if( hostname != NULL )
     {
         hostname_len = strlen( hostname );
@@ -6207,7 +6213,6 @@
     else
     {
         ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 );
-
         if( ssl->hostname == NULL )
             return( MBEDTLS_ERR_SSL_ALLOC_FAILED );