Commit 2d871227 authored by Matt Caswell's avatar Matt Caswell
Browse files

Send an illegal parameter alert if the update type in a KeyUpdate is wrong 



Previously we sent a decode_error alert.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3436)
parent 1a281aab

ssl/statem/statem_lib.c

+8 −3
Original line number Diff line number Diff line
@@ -583,14 +583,19 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt) 
    }



    if (!PACKET_get_1(pkt, &updatetype)

            || PACKET_remaining(pkt) != 0

            || (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED

                && updatetype != SSL_KEY_UPDATE_REQUESTED)) {

            || PACKET_remaining(pkt) != 0) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_KEY_UPDATE, SSL_R_BAD_KEY_UPDATE);

        goto err;

    }



    if (updatetype != SSL_KEY_UPDATE_NOT_REQUESTED

            && updatetype != SSL_KEY_UPDATE_REQUESTED) {

        al = SSL_AD_ILLEGAL_PARAMETER;

        SSLerr(SSL_F_TLS_PROCESS_KEY_UPDATE, SSL_R_BAD_KEY_UPDATE);

        goto err;

    }



    /*

     * If we get a request for us to update our sending keys too then, we need

     * to additionally send a KeyUpdate message. However that message should