Return MBEDTLS_ERR_SSL_EARLY_MESSAGE for future HS messages

This leads future HS messages to traverse the buffering function ssl_buffer_message(), which however doesn't do anything at the moment for HS messages. Since the error code MBEDTLS_ERR_SSL_EARLY_MESSAGE is afterwards remapped to MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -- which is what was returned prior to this commit when receiving a future handshake message -- this commit therefore does not yet introduce any change in observable behavior.
2024-11-23 05:55:40 +01:00 · 2018-08-15 15:54:43 +01:00 · 2018-08-15 15:54:43 +01:00 · 9e1ec22c36
commit 9e1ec22c36
parent aa5d0c4493
1 changed files with 8 additions and 0 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -3656,6 +3656,14 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
              ( ssl->state  == MBEDTLS_SSL_HANDSHAKE_OVER &&
                ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
        {
+            if( recv_msg_seq > ssl->handshake->in_msg_seq )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)",
+                                            recv_msg_seq,
+                                            ssl->handshake->in_msg_seq ) );
+                return( MBEDTLS_ERR_SSL_EARLY_MESSAGE );
+            }
+
            /* Retransmit only on last message from previous flight, to avoid
             * too many retransmissions.
             * Besides, No sane server ever retransmits HelloVerifyRequest */