Merge branch 'fix-state-machine-for-dtls13' into dtls1.3-pr

fwh-dc · Dec 29, 2023 · ad5be76 · ad5be76
2 parents 0974711 + 841bd41
commit ad5be76
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 13 deletions.
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
@@ -2638,6 +2638,7 @@ __owur int dtls1_close_construct_packet(SSL_CONNECTION *s, WPACKET *pkt, int hty
 __owur int ssl3_handshake_write(SSL_CONNECTION *s);
 
 __owur int ssl_allow_compression(SSL_CONNECTION *s);
+__owur int version_cmp(const SSL_CONNECTION *s, int a, int b);
 
 __owur int ssl_version_supported(const SSL_CONNECTION *s, int version,
                                  const SSL_METHOD **meth);

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
@@ -4060,9 +4060,11 @@ int ssl_cipher_list_to_bytes(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *sk,
 {
     int i;
     size_t totlen = 0, len, maxlen, maxverok = 0;
+    int min_proto_version_limit = SSL_CONNECTION_IS_DTLS(s)
+                                  ? DTLS1_3_VERSION : TLS1_3_VERSION;
     int empty_reneg_info_scsv = !s->renegotiate
-                                && ((SSL_CONNECTION_IS_DTLS(s) && DTLS_VERSION_LT(s->min_proto_version, DTLS1_3_VERSION))
-                                    || (!SSL_CONNECTION_IS_DTLS(s) && s->min_proto_version < TLS1_3_VERSION));
+                                && (ssl_version_cmp(s, s->min_proto_version, min_proto_version_limit) < 0
+                                    || s->min_proto_version == 0);
     SSL *ssl = SSL_CONNECTION_GET_SSL(s);
 
     /* Set disabled masks for this session */

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
@@ -1788,7 +1788,7 @@ int ssl_allow_compression(SSL_CONNECTION *s)
     return ssl_security(s, SSL_SECOP_COMPRESSION, 0, 0, NULL);
 }
 
-static int version_cmp(const SSL_CONNECTION *s, int a, int b)
+int ssl_version_cmp(const SSL_CONNECTION *s, int a, int b)
 {
     int dtls = SSL_CONNECTION_IS_DTLS(s);
 
@@ -1874,12 +1874,12 @@ static int ssl_method_error(const SSL_CONNECTION *s, const SSL_METHOD *method)
     int version = method->version;
 
     if ((s->min_proto_version != 0 &&
-         version_cmp(s, version, s->min_proto_version) < 0) ||
+        ssl_version_cmp(s, version, s->min_proto_version) < 0) ||
         ssl_security(s, SSL_SECOP_VERSION, 0, version, NULL) == 0)
         return SSL_R_VERSION_TOO_LOW;
 
     if (s->max_proto_version != 0 &&
-        version_cmp(s, version, s->max_proto_version) > 0)
+        ssl_version_cmp(s, version, s->max_proto_version) > 0)
         return SSL_R_VERSION_TOO_HIGH;
 
     if ((s->options & method->mask) != 0)
@@ -1967,7 +1967,7 @@ int ssl_version_supported(const SSL_CONNECTION *s, int version,
     switch (SSL_CONNECTION_GET_SSL(s)->method->version) {
     default:
         /* Version should match method version for non-ANY method */
-        return version_cmp(s, version, s->version) == 0;
+        return ssl_version_cmp(s, version, s->version) == 0;
     case TLS_ANY_VERSION:
         table = tls_version_table;
         break;
@@ -1977,11 +1977,11 @@ int ssl_version_supported(const SSL_CONNECTION *s, int version,
     }
 
     for (vent = table;
-         vent->version != 0 && version_cmp(s, version, vent->version) <= 0;
+         vent->version != 0 && ssl_version_cmp(s, version, vent->version) <= 0;
          ++vent) {
         if (vent->cmeth != NULL
-                && version_cmp(s, version, vent->version) == 0
-                && ssl_method_error(s, vent->cmeth()) == 0
+            && ssl_version_cmp(s, version, vent->version) == 0
+            && ssl_method_error(s, vent->cmeth()) == 0
                 && (!s->server
                     || (version != TLS1_3_VERSION && version != DTLS1_3_VERSION)
                     || is_tls13_capable(s))) {
@@ -2154,7 +2154,7 @@ int ssl_choose_server_version(SSL_CONNECTION *s, CLIENTHELLO_MSG *hello,
     switch (server_version) {
     default:
         if (!(SSL_CONNECTION_IS_TLS13(s) || SSL_CONNECTION_IS_DTLS13(s))) {
-            if (version_cmp(s, client_version, s->version) < 0)
+            if (ssl_version_cmp(s, client_version, s->version) < 0)
                 return SSL_R_WRONG_SSL_VERSION;
             *dgrd = DOWNGRADE_NONE;
             /*
@@ -2211,7 +2211,7 @@ int ssl_choose_server_version(SSL_CONNECTION *s, CLIENTHELLO_MSG *hello,
             return SSL_R_BAD_LEGACY_VERSION;
 
         while (PACKET_get_net_2(&versionslist, &candidate_vers)) {
-            if (version_cmp(s, candidate_vers, best_vers) <= 0)
+            if (ssl_version_cmp(s, candidate_vers, best_vers) <= 0)
                 continue;
             if (ssl_version_supported(s, candidate_vers, &best_method))
                 best_vers = candidate_vers;
@@ -2249,7 +2249,7 @@ int ssl_choose_server_version(SSL_CONNECTION *s, CLIENTHELLO_MSG *hello,
      */
     const int version = SSL_CONNECTION_IS_DTLS(s) ? DTLS1_3_VERSION : TLS1_3_VERSION;
     const int forcedversion = SSL_CONNECTION_IS_DTLS(s) ? DTLS1_2_VERSION : TLS1_2_VERSION;
-    if (version_cmp(s, client_version, version) >= 0)
+    if (ssl_version_cmp(s, client_version, version) >= 0)
         client_version = forcedversion;
 
     /*
@@ -2260,7 +2260,7 @@ int ssl_choose_server_version(SSL_CONNECTION *s, CLIENTHELLO_MSG *hello,
         const SSL_METHOD *method;
 
         if (vent->smeth == NULL ||
-            version_cmp(s, client_version, vent->version) < 0)
+            ssl_version_cmp(s, client_version, vent->version) < 0)
             continue;
         method = vent->smeth();
         if (ssl_method_error(s, method) == 0) {