7192393: Better Checking of order of TLS Messages
Summary: Also reviewed by Andrew Gross<Andrew.Gross@Oracle.COM>
Reviewed-by: weijun
--- a/jdk/src/share/classes/sun/security/ssl/ClientHandshaker.java Fri Oct 12 15:51:44 2012 +0400
+++ b/jdk/src/share/classes/sun/security/ssl/ClientHandshaker.java Mon Oct 15 07:42:18 2012 -0700
@@ -128,9 +128,8 @@
* in the constructor.
*/
void processMessage(byte type, int messageLen) throws IOException {
- if (state > type
- && (type != HandshakeMessage.ht_hello_request
- && state != HandshakeMessage.ht_client_hello)) {
+ if (state >= type
+ && (type != HandshakeMessage.ht_hello_request)) {
throw new SSLProtocolException(
"Handshake message sequence violation, " + type);
}
--- a/jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java Fri Oct 12 15:51:44 2012 +0400
+++ b/jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java Mon Oct 15 07:42:18 2012 -0700
@@ -150,7 +150,7 @@
// In SSLv3 and TLS, messages follow strictly increasing
// numerical order _except_ for one annoying special case.
//
- if ((state > type)
+ if ((state >= type)
&& (state != HandshakeMessage.ht_client_key_exchange
&& type != HandshakeMessage.ht_certificate_verify)) {
throw new SSLProtocolException(
@@ -250,13 +250,15 @@
}
//
- // Move the state machine forward except for that annoying
- // special case. This means that clients could send extra
- // cert verify messages; not a problem so long as all of
- // them actually check out.
+ // Move state machine forward if the message handling
+ // code didn't already do so
//
- if (state < type && type != HandshakeMessage.ht_certificate_verify) {
- state = type;
+ if (state < type) {
+ if(type == HandshakeMessage.ht_certificate_verify) {
+ state = type + 2; // an annoying special case
+ } else {
+ state = type;
+ }
}
}