crypto/tls: disallow handshake messages fragmented across CCS
authorFilippo Valsorda <filippo@cloudflare.com>
Wed, 18 Jan 2017 16:53:35 +0000 (16:53 +0000)
committerAdam Langley <agl@golang.org>
Tue, 15 Aug 2017 18:45:06 +0000 (18:45 +0000)
Detected by BoGo test FragmentAcrossChangeCipherSpec-Server-Packed.

Change-Id: I9a76697b9cdeb010642766041971de5c7e533481
Reviewed-on: https://go-review.googlesource.com/48811
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>

src/crypto/tls/conn.go

index e6d85aa26391fa0aada9c676cbabc642f6a93a95..9f32d4b7d7b7c0028f567127bc17d7498d35c38f 100644 (file)
@@ -686,6 +686,11 @@ Again:
                        c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
                        break
                }
+               // Handshake messages are not allowed to fragment across the CCS
+               if c.hand.Len() > 0 {
+                       c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+                       break
+               }
                err := c.in.changeCipherSpec()
                if err != nil {
                        c.in.setErrorLocked(c.sendAlert(err.(alert)))
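Review bot: The comment above the new `if c.hand.Len() > 0` guard states the rule but not the reason, which is what a later maintainer needs before moving or relaxing the check. Assuming c.hand holds handshake bytes that were read but not yet consumed, I would spell it out, e.g. `// Reject CCS while a partial handshake message is buffered: its remainder would arrive under the new cipher state, so one message would span the key change.` The same comment should say that the guard must stay ahead of `c.in.changeCipherSpec()`, since the check is only meaningful before the cipher state switches. The visible part of the commit carries no Go-side regression test (the description cites only the BoGo case), so a unit test that splits a handshake message around a CCS record and expects the unexpected_message alert would keep this from regressing. The enclosing function starts and ends outside the hunk.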