mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 19:21:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #5915 from AndrzejKurek/cid-resumption-clash

Browse Source 
Fix DTLS 1.2 session resumption
This commit is contained in:
Paul Elliott 2022-07-06 15:03:36 +01:00 committed by GitHub
commit 6e80e09bd1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 46 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog.d/resumption_cid.txt Normal file
View File

@ -0,0 +1,5 @@
Bugfix
* Fix server connection identifier setting for outgoing encrypted records
on DTLS 1.2 session resumption. After DTLS 1.2 session resumption with
connection identifier, the Mbed TLS client now properly sends the server
connection identifier in encrypted record headers. Fix #5872.

28
library/ssl_tls12_client.c
View File

@ -1409,16 +1409,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
else else
{ {
ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
return( ret );
}
} }
MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
@ -1654,6 +1644,24 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
} }
} }
/*
* mbedtls_ssl_derive_keys() has to be called after the parsing of the
* extensions. It sets the transform data for the resumed session which in
* case of DTLS includes the server CID extracted from the CID extension.
*/
if( ssl->handshake->resume )
{
if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
mbedtls_ssl_send_alert_message(
ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
return( ret );
}
}
/* /*
* Renegotiation security checks * Renegotiation security checks
*/ */

23
tests/ssl-opt.sh
View File

@ -3836,6 +3836,29 @@ run_test "Session resume using cache: openssl server" \
-C "parse new session ticket" \ -C "parse new session ticket" \
-c "a session has been resumed" -c "a session has been resumed"
# Tests for Session resume and extensions
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Session resume and connection ID" \
"$P_SRV debug_level=3 cid=1 cid_val=dead dtls=1 tickets=0" \
"$P_CLI debug_level=3 cid=1 cid_val=beef dtls=1 tickets=0 reconnect=1" \
0 \
-c "Enable use of CID extension." \
-s "Enable use of CID extension." \
-c "client hello, adding CID extension" \
-s "found CID extension" \
-s "Use of CID extension negotiated" \
-s "server hello, adding CID extension" \
-c "found CID extension" \
-c "Use of CID extension negotiated" \
-s "Copy CIDs into SSL transform" \
-c "Copy CIDs into SSL transform" \
-c "Peer CID (length 2 Bytes): de ad" \
-s "Peer CID (length 2 Bytes): be ef" \
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
# Tests for Session Resume based on session-ID and cache, DTLS # Tests for Session Resume based on session-ID and cache, DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2