Arne Ansper <[EMAIL PROTECTED]>:

[...]
> okey, the bug:
> 
> ssl3_read_internal function has special treatment for situations when
> renegotiation is going on and the handshake and data packets are arriving
> in random order.
> 
> now, if i have a non-blocking socket on server side and i use BIO SSL
> interface to access it, without performing an explicit handshake using
> BIO_do_handshake or SSL_accept before i start usign BIO_read, then
> following may happen:
> 
> 1) application calls BIO_read that will finally call ssl3_read_internal.
> 
> 2) inside ssl3_read_internal the in_read_app_data flag is set.
> 
> 3) ssl3_read_internal calls ssl3_read_bytes that will determine that
> handshake is not performed and calls handshake function that in my case
> was ssl3_accept.
> 
> 4) ssl3_accept determines that the statemachine is never used before and
> will call SSL_clear.
> 
> 5) SSL_clear will reset in_read_app_data flag (actually it's ssl3_clear
> that clears the flag).
> 
> 6) ssl3_accept will advance the state machine and tries to read the Client
> Hello message
> 
> 7) when the Client Hello is not yet available (non-blokcing socket), it
> will return with an error.
> 
> 8) now the condition inside ssl3_read_internal function will be erronosly
> satisfied: there is error present from ssl3_read_bytes function and the
> in_read_app_data is reset.
[...]

Thanks for the detailed report.  Please try this patch:

Index: s3_lib.c
===================================================================
RCS file: /usr/local/openssl/cvs/openssl/ssl/s3_lib.c,v
retrieving revision 1.39.2.7
diff -u -r1.39.2.7 s3_lib.c
--- s3_lib.c    2002/03/15 10:53:34     1.39.2.7
+++ s3_lib.c    2002/04/12 21:52:10
@@ -1315,13 +1315,12 @@
        if (s->s3->renegotiate) ssl3_renegotiate_check(s);
        s->s3->in_read_app_data=1;
        ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-       if ((ret == -1) && (s->s3->in_read_app_data == 0))
+       if ((ret == -1) && (s->s3->in_read_app_data == 2))
                {
                /* ssl3_read_bytes decided to call s->handshake_func, which
                 * called ssl3_read_bytes to read handshake data.
                 * However, ssl3_read_bytes actually found application data
-                * and thinks that application data makes sense here (signalled
-                * by resetting 'in_read_app_data', strangely); so disable
+                * and thinks that application data makes sense here; so disable
                 * handshake processing and try to read application data again. */
                s->in_handshake++;
                ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
Index: s3_pkt.c
===================================================================
RCS file: /usr/local/openssl/cvs/openssl/ssl/s3_pkt.c,v
retrieving revision 1.37.2.5
diff -u -r1.37.2.5 s3_pkt.c
--- s3_pkt.c    2001/12/28 17:13:10     1.37.2.5
+++ s3_pkt.c    2002/04/12 21:51:58
@@ -1114,7 +1114,7 @@
                                        )
                                ))
                        {
-                       s->s3->in_read_app_data=0;
+                       s->s3->in_read_app_data=2;
                        return(-1);
                        }
                else



-- 
Bodo M�ller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to