Commit | Line | Data |
---|---|---|
a92c6b1a TGR |
1 | From e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e Mon Sep 17 00:00:00 2001 |
2 | From: Matt Caswell <matt@openssl.org> | |
3 | Date: Fri, 14 Dec 2018 07:28:30 +0000 | |
4 | Subject: [PATCH] Go into the error state if a fatal alert is sent or received | |
5 | ||
6 | If an application calls SSL_shutdown after a fatal alert has occured and | |
7 | then behaves different based on error codes from that function then the | |
8 | application may be vulnerable to a padding oracle. | |
9 | ||
10 | CVE-2019-1559 | |
11 | ||
12 | Reviewed-by: Richard Levitte <levitte@openssl.org> | |
13 | --- | |
14 | ssl/d1_pkt.c | 1 + | |
15 | ssl/s3_pkt.c | 10 +++++++--- | |
16 | 2 files changed, 8 insertions(+), 3 deletions(-) | |
17 | ||
18 | diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c | |
19 | index 23aa9db..c7fe977 100644 | |
20 | --- a/ssl/d1_pkt.c | |
21 | +++ b/ssl/d1_pkt.c | |
22 | @@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |
23 | ERR_add_error_data(2, "SSL alert number ", tmp); | |
24 | s->shutdown |= SSL_RECEIVED_SHUTDOWN; | |
25 | SSL_CTX_remove_session(s->session_ctx, s->session); | |
26 | + s->state = SSL_ST_ERR; | |
27 | return (0); | |
28 | } else { | |
29 | al = SSL_AD_ILLEGAL_PARAMETER; | |
30 | diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c | |
31 | index 6527df8..830b723 100644 | |
32 | --- a/ssl/s3_pkt.c | |
33 | +++ b/ssl/s3_pkt.c | |
34 | @@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |
35 | ERR_add_error_data(2, "SSL alert number ", tmp); | |
36 | s->shutdown |= SSL_RECEIVED_SHUTDOWN; | |
37 | SSL_CTX_remove_session(s->session_ctx, s->session); | |
38 | + s->state = SSL_ST_ERR; | |
39 | return (0); | |
40 | } else { | |
41 | al = SSL_AD_ILLEGAL_PARAMETER; | |
42 | @@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc) | |
43 | * protocol_version alerts */ | |
44 | if (desc < 0) | |
45 | return -1; | |
46 | - /* If a fatal one, remove from cache */ | |
47 | - if ((level == 2) && (s->session != NULL)) | |
48 | - SSL_CTX_remove_session(s->session_ctx, s->session); | |
49 | + /* If a fatal one, remove from cache and go into the error state */ | |
50 | + if (level == SSL3_AL_FATAL) { | |
51 | + if (s->session != NULL) | |
52 | + SSL_CTX_remove_session(s->session_ctx, s->session); | |
53 | + s->state = SSL_ST_ERR; | |
54 | + } | |
55 | ||
56 | s->s3->alert_dispatch = 1; | |
57 | s->s3->send_alert[0] = level; | |
58 | -- | |
59 | 2.7.4 | |
60 |