Fix a bug in bssl::OpenRecord.
Checking the record type returned by the |tls_open_record| call only makes sense if that call was successful. Change-Id: Ib4bebd2b1198c7def513d9fba3653524c17a6e68 Reviewed-on: https://boringssl-review.googlesource.com/18884 Reviewed-by: Adam Langley <agl@google.com>
parent
c90be3b143
commit
26ababbf65
@ -596,44 +596,33 @@ OpenRecordResult OpenRecord(SSL *ssl, Span<uint8_t> *out,
|
|||||||
return OpenRecordResult::kError;
|
return OpenRecordResult::kError;
|
||||||
}
|
}
|
||||||
|
|
||||||
*out = Span<uint8_t>();
|
|
||||||
*out_record_len = 0;
|
|
||||||
|
|
||||||
CBS plaintext;
|
CBS plaintext;
|
||||||
uint8_t type;
|
uint8_t type;
|
||||||
size_t record_len;
|
|
||||||
const ssl_open_record_t result = tls_open_record(
|
const ssl_open_record_t result = tls_open_record(
|
||||||
ssl, &type, &plaintext, &record_len, out_alert, in.data(), in.size());
|
ssl, &type, &plaintext, out_record_len, out_alert, in.data(), in.size());
|
||||||
if (type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_ALERT) {
|
|
||||||
*out_alert = SSL_AD_UNEXPECTED_MESSAGE;
|
|
||||||
return OpenRecordResult::kError;
|
|
||||||
}
|
|
||||||
|
|
||||||
OpenRecordResult ret = OpenRecordResult::kError;
|
|
||||||
switch (result) {
|
switch (result) {
|
||||||
case ssl_open_record_success:
|
case ssl_open_record_success:
|
||||||
ret = OpenRecordResult::kOK;
|
if (type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_ALERT) {
|
||||||
break;
|
*out_alert = SSL_AD_UNEXPECTED_MESSAGE;
|
||||||
|
return OpenRecordResult::kError;
|
||||||
|
}
|
||||||
|
*out = MakeSpan(
|
||||||
|
const_cast<uint8_t*>(CBS_data(&plaintext)), CBS_len(&plaintext));
|
||||||
|
return OpenRecordResult::kOK;
|
||||||
case ssl_open_record_discard:
|
case ssl_open_record_discard:
|
||||||
ret = OpenRecordResult::kDiscard;
|
return OpenRecordResult::kDiscard;
|
||||||
break;
|
|
||||||
case ssl_open_record_partial:
|
case ssl_open_record_partial:
|
||||||
ret = OpenRecordResult::kIncompleteRecord;
|
return OpenRecordResult::kIncompleteRecord;
|
||||||
break;
|
|
||||||
case ssl_open_record_close_notify:
|
case ssl_open_record_close_notify:
|
||||||
ret = OpenRecordResult::kAlertCloseNotify;
|
return OpenRecordResult::kAlertCloseNotify;
|
||||||
break;
|
|
||||||
case ssl_open_record_fatal_alert:
|
case ssl_open_record_fatal_alert:
|
||||||
ret = OpenRecordResult::kAlertFatal;
|
return OpenRecordResult::kAlertFatal;
|
||||||
break;
|
|
||||||
case ssl_open_record_error:
|
case ssl_open_record_error:
|
||||||
ret = OpenRecordResult::kError;
|
return OpenRecordResult::kError;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
*out =
|
assert(false);
|
||||||
MakeSpan(const_cast<uint8_t*>(CBS_data(&plaintext)), CBS_len(&plaintext));
|
return OpenRecordResult::kError;
|
||||||
*out_record_len = record_len;
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t SealRecordPrefixLen(const SSL *ssl, const size_t record_len) {
|
size_t SealRecordPrefixLen(const SSL *ssl, const size_t record_len) {
|
||||||
|
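Review bot: The fallback after the `switch` (`assert(false); return OpenRecordResult::kError;`) returns an error without writing `*out_alert`, unlike the unexpected-record-type branch, which sets `SSL_AD_UNEXPECTED_MESSAGE` before returning. With NDEBUG the assert compiles out, so if `tls_open_record` ever returned a value outside the listed cases, a caller that forwards `*out_alert` on `kError` would send whatever that variable already held; adding `*out_alert = SSL_AD_INTERNAL_ERROR;` before the final return closes that. Separately, with the up-front `*out = Span<uint8_t>();` removed, `*out` is written only on `kOK` and `*out_record_len` is whatever `tls_open_record` stored, so the declaration of `OpenRecord` should carry a comment such as `// |*out| is only set when kOK is returned; on any other result it is left unchanged.` The start of `OpenRecord` is outside this hunk, so how callers treat these outputs is not visible here.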