diff options
author | Matt Caswell <matt@openssl.org> | 2019-02-21 16:02:24 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-02-22 18:29:41 +0000 |
commit | 3409a5ff8a44ddaf043d83ed22e657ae871be289 (patch) | |
tree | dfbc0fed648af8912495fcc8ee9cb0dbd388c39f /ssl | |
parent | a4a0a1eb43cfccd128d085932a567e0482fbfe47 (diff) | |
download | openssl-3409a5ff8a44ddaf043d83ed22e657ae871be289.zip openssl-3409a5ff8a44ddaf043d83ed22e657ae871be289.tar.gz openssl-3409a5ff8a44ddaf043d83ed22e657ae871be289.tar.bz2 |
Don't restrict the number of KeyUpdate messages we can process
Prior to this commit we were keeping a count of how many KeyUpdates we
have processed and failing if we had had too many. This simplistic approach
is not sufficient for long running connections. Since many KeyUpdates
would not be a particular good DoS route anyway, the simplest solution is
to simply remove the key update count.
Fixes #8068
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8299)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_locl.h | 2 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 7 | ||||
-rw-r--r-- | ssl/statem/statem_locl.h | 3 |
3 files changed, 0 insertions, 12 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index bd0d421..ae6417b 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1178,8 +1178,6 @@ struct ssl_st { EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ unsigned char write_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static write IV */ EVP_MD_CTX *write_hash; /* used for mac generation */ - /* Count of how many KeyUpdate messages we have received */ - unsigned int key_update_count; /* session info */ /* client cert? */ /* This is used to hold the server certificate used */ diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 8a7ada8..a18c5cc 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -614,13 +614,6 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt) { unsigned int updatetype; - s->key_update_count++; - if (s->key_update_count > MAX_KEY_UPDATE_MESSAGES) { - SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PROCESS_KEY_UPDATE, - SSL_R_TOO_MANY_KEY_UPDATES); - return MSG_PROCESS_ERROR; - } - /* * A KeyUpdate message signals a key change so the end of the message must * be on a record boundary. diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h index 9c8c753..8f27deb 100644 --- a/ssl/statem/statem_locl.h +++ b/ssl/statem/statem_locl.h @@ -29,9 +29,6 @@ /* Max should actually be 36 but we are generous */ #define FINISHED_MAX_LENGTH 64 -/* The maximum number of incoming KeyUpdate messages we will accept */ -#define MAX_KEY_UPDATE_MESSAGES 32 - /* Dummy message type */ #define SSL3_MT_DUMMY -1 |