Merge pull request #10047 from mpg/fix-defrag-interleave-dev

Fix defrag interleave dev
2025-03-14 16:20:51 +00:00 · 2025-03-11 12:38:08 +01:00 · 2025-03-11 12:38:08 +01:00 · ba010729b7
commit ba010729b7
parent 723fec4eca e26a060194
1 changed files with 12 additions and 0 deletions
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -4889,6 +4889,18 @@ int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl)
 {
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;

+    /* If we're in the middle of a fragmented TLS handshake message,
+     * we don't accept any other message type. For TLS 1.3, the spec forbids
+     * interleaving other message types between handshake fragments. For TLS
+     * 1.2, the spec does not forbid it but we do. */
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM &&
+        ssl->in_hsfraglen != 0 &&
+        ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("non-handshake message in the middle"
+                                  " of a fragmented handshake message"));
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
    /*
     * Handle particular types of records
     */