From e8eff9a5170c17b9db038f370f62d95354f8b2c5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 14 May 2019 11:30:10 +0100 Subject: [PATCH] Allow to configure the stack's behaviour on unexpected CIDs This commit modifies the CID configuration API mbedtls_ssl_conf_cid_len() to allow the configuration of the stack's behaviour when receiving an encrypted DTLS record with unexpected CID. --- include/mbedtls/config.h | 2 +- include/mbedtls/ssl.h | 27 +++++++++++++++++++++++---- library/ssl_tls.c | 20 ++++++++++++++------ programs/ssl/ssl_client2.c | 6 ++++-- programs/ssl/ssl_server2.c | 6 ++++-- 5 files changed, 46 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 07da8f59f..306592f2e 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1278,7 +1278,7 @@ * in the underlying transport. * * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, - * `mbedtls_ssl_get_peer_cid()` and `mbedtls_ssl_conf_cid_len()`. + * `mbedtls_ssl_get_peer_cid()` and `mbedtls_ssl_conf_cid()`. * See their documentation for more information. * * \warning The Connection ID extension is still in draft state. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 869463e43..d29c7bd33 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1044,6 +1044,11 @@ struct mbedtls_ssl_config unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in Certificate Request messages? */ #endif +#if defined(MBEDTLS_SSL_CID) + unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS + * record with unexpected CID + * should lead to failure. */ +#endif /* MBEDTLS_SSL_CID */ }; @@ -1492,7 +1497,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * MBEDTLS_SSL_CID_DISABLED. * * \note The value of \p own_cid_len must match the value of the - * \c len parameter passed to mbedtls_ssl_conf_cid_len() + * \c len parameter passed to mbedtls_ssl_conf_cid() * when configuring the ::mbedtls_ssl_config that \p ssl * is bound to. * @@ -2152,14 +2157,27 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, const int *ciphersuites ); #if defined(MBEDTLS_SSL_CID) +#define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 0 +#define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 1 /** - * \brief Specify the length of CIDs for incoming encrypted - * DTLS records. (Default: \c 0) + * \brief Specify the length of CIDs for incoming encrypted DTLS + * records and specify the behaviour on unexpected CIDs. + * + * By default, the CID length is set to \c 0, + * and unexpected CIDs are silently ignored. * * \param conf The SSL configuration to modify. * \param len The length in Bytes of the CID fields in encrypted * DTLS records using the CID mechanism. This must * not be larger than #MBEDTLS_SSL_CID_OUT_LEN_MAX. + * \param ignore_other_cid This determines the stack's behaviour when + * receiving a record with an unexpected CID. + * Possible values are: + * - #MBEDTLS_SSL_UNEXPECTED_CID_IGNORE + * In this case, the record is silently ignored. + * - #MBEDTLS_SSL_UNEXPECTED_CID_FAIL + * In this case, the stack fails with the specific + * error code #MBEDTLS_ERR_SSL_UNEXPECTED_CID. * * \note The CID specification allows implementations to either * use a common length for all incoming connection IDs or @@ -2172,7 +2190,8 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len * is too large. */ -int mbedtls_ssl_conf_cid_len( mbedtls_ssl_config *conf, size_t len ); +int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, + int ignore_other_cids ); #endif /* MBEDTLS_SSL_CID */ /** diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fdfd53774..b075a8a9a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -113,12 +113,15 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl ); /* WARNING: The CID feature isn't fully implemented yet * and will not be used. */ -int mbedtls_ssl_conf_cid_len( mbedtls_ssl_config *conf, - size_t len ) +int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, + size_t len, + int ignore_other_cid ) { if( len > MBEDTLS_SSL_CID_IN_LEN_MAX ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + conf->ignore_unexpected_cid = + ( ignore_other_cid == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); conf->cid_len = len; return( 0 ); } @@ -2148,12 +2151,10 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl, /* * Match record's CID with incoming CID. */ - if( rec->cid_len != transform->in_cid_len || memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 ) { - /* Silently skip over record with mismatching CID. */ - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_CID ); } #endif /* MBEDTLS_SSL_CID */ @@ -4672,8 +4673,15 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) &rec ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) + +#if defined(MBEDTLS_SSL_CID) + if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID && + ssl->conf->ignore_unexpected_cid + == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ) + { ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; + } +#endif /* MBEDTLS_SSL_CID */ return( ret ); } diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 61b048fc8..4827578c3 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1550,9 +1550,11 @@ int main( int argc, char *argv[] ) if( opt.cid_enabled == 1 ) - ret = mbedtls_ssl_conf_cid_len( &conf, cid_len ); + ret = mbedtls_ssl_conf_cid( &conf, cid_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); else - ret = mbedtls_ssl_conf_cid_len( &conf, cid_renego_len ); + ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); if( ret != 0 ) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 87c664523..dc321cdfc 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2399,9 +2399,11 @@ int main( int argc, char *argv[] ) } if( opt.cid_enabled == 1 ) - ret = mbedtls_ssl_conf_cid_len( &conf, cid_len ); + ret = mbedtls_ssl_conf_cid( &conf, cid_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); else - ret = mbedtls_ssl_conf_cid_len( &conf, cid_renego_len ); + ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); if( ret != 0 ) {