|
 |
a02333 |
diff -up openssl-1.0.1e/ssl/d1_pkt.c.many-alerts openssl-1.0.1e/ssl/d1_pkt.c
|
|
|
a02333 |
--- openssl-1.0.1e/ssl/d1_pkt.c.many-alerts 2016-10-04 16:12:30.000000000 +0200
|
|
|
a02333 |
+++ openssl-1.0.1e/ssl/d1_pkt.c 2016-11-01 10:48:05.270349440 +0100
|
|
|
a02333 |
@@ -915,6 +915,13 @@ start:
|
|
|
a02333 |
goto start;
|
|
|
a02333 |
}
|
|
|
a02333 |
|
|
|
a02333 |
+ /*
|
|
|
a02333 |
+ * Reset the count of consecutive warning alerts if we've got a non-empty
|
|
|
a02333 |
+ * record that isn't an alert.
|
|
|
a02333 |
+ */
|
|
|
a02333 |
+ if (rr->type != SSL3_RT_ALERT && rr->length != 0)
|
|
|
a02333 |
+ s->cert->alert_count = 0;
|
|
|
a02333 |
+
|
|
|
a02333 |
/* we now have a packet which can be read and processed */
|
|
|
a02333 |
|
|
|
a02333 |
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
|
|
|
a02333 |
@@ -1184,6 +1191,15 @@ start:
|
|
|
a02333 |
if (alert_level == 1) /* warning */
|
|
|
a02333 |
{
|
|
|
a02333 |
s->s3->warn_alert = alert_descr;
|
|
|
a02333 |
+
|
|
|
a02333 |
+ s->cert->alert_count++;
|
|
|
a02333 |
+ if (s->cert->alert_count == MAX_WARN_ALERT_COUNT)
|
|
|
a02333 |
+ {
|
|
|
a02333 |
+ al = SSL_AD_UNEXPECTED_MESSAGE;
|
|
|
a02333 |
+ SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
|
|
|
a02333 |
+ goto f_err;
|
|
|
a02333 |
+ }
|
|
|
a02333 |
+
|
|
|
a02333 |
if (alert_descr == SSL_AD_CLOSE_NOTIFY)
|
|
|
a02333 |
{
|
|
|
a02333 |
#ifndef OPENSSL_NO_SCTP
|
|
|
a02333 |
diff -up openssl-1.0.1e/ssl/ssl_err.c.many-alerts openssl-1.0.1e/ssl/ssl_err.c
|
|
|
a02333 |
--- openssl-1.0.1e/ssl/ssl_err.c.many-alerts 2016-10-04 16:12:30.000000000 +0200
|
|
|
a02333 |
+++ openssl-1.0.1e/ssl/ssl_err.c 2016-11-01 10:54:04.673900027 +0100
|
|
|
a02333 |
@@ -552,6 +552,7 @@ static ERR_STRING_DATA SSL_str_reasons[]
|
|
|
a02333 |
{ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),"tls invalid ecpointformat list"},
|
|
|
a02333 |
{ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},
|
|
|
a02333 |
{ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),"tls rsa encrypted value length is wrong"},
|
|
|
a02333 |
+{ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
|
|
|
a02333 |
{ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),"tried to use unsupported cipher"},
|
|
|
a02333 |
{ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),"unable to decode dh certs"},
|
|
|
a02333 |
{ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),"unable to decode ecdh certs"},
|
|
|
a02333 |
diff -up openssl-1.0.1e/ssl/ssl.h.many-alerts openssl-1.0.1e/ssl/ssl.h
|
|
|
a02333 |
--- openssl-1.0.1e/ssl/ssl.h.many-alerts 2016-10-04 16:12:30.000000000 +0200
|
|
|
a02333 |
+++ openssl-1.0.1e/ssl/ssl.h 2016-11-01 10:52:48.442086392 +0100
|
|
|
a02333 |
@@ -2474,6 +2474,7 @@ void ERR_load_SSL_strings(void);
|
|
|
a02333 |
#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
|
|
|
a02333 |
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
|
|
|
a02333 |
#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
|
|
|
a02333 |
+#define SSL_R_TOO_MANY_WARN_ALERTS 409
|
|
|
a02333 |
#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
|
|
|
a02333 |
#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
|
|
|
a02333 |
#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
|
|
|
a02333 |
diff -up openssl-1.0.1e/ssl/ssl_locl.h.many-alerts openssl-1.0.1e/ssl/ssl_locl.h
|
|
|
a02333 |
--- openssl-1.0.1e/ssl/ssl_locl.h.many-alerts 2016-10-04 16:12:30.000000000 +0200
|
|
|
a02333 |
+++ openssl-1.0.1e/ssl/ssl_locl.h 2016-11-01 10:55:39.171148215 +0100
|
|
|
a02333 |
@@ -485,6 +485,8 @@ typedef struct cert_pkey_st
|
|
|
a02333 |
const EVP_MD *digest;
|
|
|
a02333 |
} CERT_PKEY;
|
|
|
a02333 |
|
|
|
a02333 |
+# define MAX_WARN_ALERT_COUNT 5
|
|
|
a02333 |
+
|
|
|
a02333 |
typedef struct cert_st
|
|
|
a02333 |
{
|
|
|
a02333 |
/* Current active set */
|
|
|
a02333 |
@@ -516,6 +518,7 @@ typedef struct cert_st
|
|
|
a02333 |
CERT_PKEY pkeys[SSL_PKEY_NUM];
|
|
|
a02333 |
|
|
|
a02333 |
int references; /* >1 only if SSL_copy_session_id is used */
|
|
|
a02333 |
+ unsigned int alert_count;
|
|
|
a02333 |
} CERT;
|
|
|
a02333 |
|
|
|
a02333 |
|
|
|
a02333 |
diff -up openssl-1.0.1e/ssl/s3_pkt.c.many-alerts openssl-1.0.1e/ssl/s3_pkt.c
|
|
|
a02333 |
--- openssl-1.0.1e/ssl/s3_pkt.c.many-alerts 2016-10-04 16:12:30.000000000 +0200
|
|
|
a02333 |
+++ openssl-1.0.1e/ssl/s3_pkt.c 2016-11-01 10:51:21.504018044 +0100
|
|
|
a02333 |
@@ -1009,6 +1009,13 @@ start:
|
|
|
a02333 |
if (ret <= 0) return(ret);
|
|
|
a02333 |
}
|
|
|
a02333 |
|
|
|
a02333 |
+ /*
|
|
|
a02333 |
+ * Reset the count of consecutive warning alerts if we've got a non-empty
|
|
|
a02333 |
+ * record that isn't an alert.
|
|
|
a02333 |
+ */
|
|
|
a02333 |
+ if (rr->type != SSL3_RT_ALERT && rr->length != 0)
|
|
|
a02333 |
+ s->cert->alert_count = 0;
|
|
|
a02333 |
+
|
|
|
a02333 |
/* we now have a packet which can be read and processed */
|
|
|
a02333 |
|
|
|
a02333 |
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
|
|
|
a02333 |
@@ -1225,6 +1232,15 @@ start:
|
|
|
a02333 |
if (alert_level == 1) /* warning */
|
|
|
a02333 |
{
|
|
|
a02333 |
s->s3->warn_alert = alert_descr;
|
|
|
a02333 |
+
|
|
|
a02333 |
+ s->cert->alert_count++;
|
|
|
a02333 |
+ if (s->cert->alert_count == MAX_WARN_ALERT_COUNT)
|
|
|
a02333 |
+ {
|
|
|
a02333 |
+ al = SSL_AD_UNEXPECTED_MESSAGE;
|
|
|
a02333 |
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
|
|
|
a02333 |
+ goto f_err;
|
|
|
a02333 |
+ }
|
|
|
a02333 |
+
|
|
|
a02333 |
if (alert_descr == SSL_AD_CLOSE_NOTIFY)
|
|
|
a02333 |
{
|
|
|
a02333 |
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
|