Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ledest:erlang:24
erlang
3881-Fix-version-test.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 3881-Fix-version-test.patch of Package erlang
From d3809bf9c112f3274176f5a306437c6ab86c2efd Mon Sep 17 00:00:00 2001 From: Dan Gudmundsson <dgud@erlang.org> Date: Thu, 29 Dec 2022 14:54:07 +0100 Subject: [PATCH 1/3] Fix version test Allow bad versions so that we can discover new connections. --- lib/ssl/src/dtls_record.erl | 64 +++++++++++++++++++++---------------- 1 file changed, 36 insertions(+), 28 deletions(-) diff --git a/lib/ssl/src/dtls_record.erl b/lib/ssl/src/dtls_record.erl index 6efc2dc8be..72bd54a51a 100644 --- a/lib/ssl/src/dtls_record.erl +++ b/lib/ssl/src/dtls_record.erl @@ -175,9 +175,9 @@ current_connection_state_epoch(#{current_write := #{epoch := Epoch}}, %% and returns it as a list of tls_compressed binaries also returns leftover %% data %%-------------------------------------------------------------------- -get_dtls_records(Data, Vinfo, Buffer, SslOpts) -> +get_dtls_records(Data, Vinfo, Buffer, #{log_level := LogLevel}) -> BinData = list_to_binary([Buffer, Data]), - get_dtls_records_aux(Vinfo, BinData, [], SslOpts). + get_dtls_records_aux(Vinfo, BinData, [], LogLevel). %%==================================================================== %% Encoding DTLS records @@ -423,40 +423,48 @@ initial_connection_state(ConnectionEnd, BeastMitigation) -> max_fragment_length => undefined }. -get_dtls_records_aux({DataTag, StateName, _, Versions} = Vinfo, <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer), - ?UINT16(Epoch), ?UINT48(SequenceNumber), - ?UINT16(Length), Data:Length/binary, Rest/binary>> = RawDTLSRecord, - Acc, #{log_level := LogLevel} = SslOpts) +get_dtls_records_aux({DataTag, StateName, _, Versions} = Vinfo, + <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer), + ?UINT16(Epoch), ?UINT48(SequenceNumber), + ?UINT16(Length), Data:Length/binary, Rest/binary>> = RawDTLSRecord, + Acc0, LogLevel) when ((StateName == hello) orelse ((StateName == certify) andalso (DataTag == udp)) - orelse ((StateName == abbreviated) andalso (DataTag == udp))) andalso ((Type == ?HANDSHAKE) - orelse - (Type == ?ALERT)) -> + orelse ((StateName == abbreviated) andalso (DataTag == udp))) + andalso ((Type == ?HANDSHAKE) orelse (Type == ?ALERT)) -> ssl_logger:debug(LogLevel, inbound, 'record', [RawDTLSRecord]), + Acc = [#ssl_tls{type = Type, version = {MajVer, MinVer}, + epoch = Epoch, sequence_number = SequenceNumber, + fragment = Data} | Acc0], case is_acceptable_version({MajVer, MinVer}, Versions) of true -> - get_dtls_records_aux(Vinfo, Rest, [#ssl_tls{type = Type, - version = {MajVer, MinVer}, - epoch = Epoch, sequence_number = SequenceNumber, - fragment = Data} | Acc], SslOpts); + get_dtls_records_aux(Vinfo, Rest, Acc, LogLevel); false -> - ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) - end; -get_dtls_records_aux({_, _, Version, _} = Vinfo, <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer), - ?UINT16(Epoch), ?UINT48(SequenceNumber), + ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) + end; +get_dtls_records_aux({_, _, Version, Versions} = Vinfo, + <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer), + ?UINT16(Epoch), ?UINT48(SequenceNumber), ?UINT16(Length), Data:Length/binary, Rest/binary>> = RawDTLSRecord, - Acc, #{log_level := LogLevel} = SslOpts) when (Type == ?APPLICATION_DATA) orelse - (Type == ?HANDSHAKE) orelse - (Type == ?ALERT) orelse - (Type == ?CHANGE_CIPHER_SPEC) -> + Acc0, LogLevel) + when (Type == ?APPLICATION_DATA) orelse + (Type == ?HANDSHAKE) orelse + (Type == ?ALERT) orelse + (Type == ?CHANGE_CIPHER_SPEC) -> ssl_logger:debug(LogLevel, inbound, 'record', [RawDTLSRecord]), - case {MajVer, MinVer} of - Version -> - get_dtls_records_aux(Vinfo, Rest, [#ssl_tls{type = Type, - version = {MajVer, MinVer}, - epoch = Epoch, sequence_number = SequenceNumber, - fragment = Data} | Acc], SslOpts); - _ -> + Acc = [#ssl_tls{type = Type, version = {MajVer,MinVer}, + epoch = Epoch, sequence_number = SequenceNumber, + fragment = Data} | Acc0], + if {MajVer, MinVer} =:= Version -> + get_dtls_records_aux(Vinfo, Rest, Acc, LogLevel); + Type == ?HANDSHAKE -> + case is_acceptable_version({MajVer, MinVer}, Versions) of + true -> + get_dtls_records_aux(Vinfo, Rest, Acc, LogLevel); + false -> + ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) + end; + true -> ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) end; get_dtls_records_aux(_, <<?BYTE(_), ?BYTE(_MajVer), ?BYTE(_MinVer), -- 2.35.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor