Don't fail on an out-of-order CCS in DTLS Fixes #4929 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6170)

commit: f20404fce90919b614b737d07cc75d9e1c019fb8 [log] [tgz]
author: Matt Caswell <matt@openssl.org> Thu May 03 12:07:47 2018 +0100
committer: Matt Caswell <matt@openssl.org> Tue May 08 09:40:17 2018 +0100
tree: d7a76201369b36630d03a12ac7e05b59dfba60a7
parent: e15e92dbd5248bc8dbd95d2c0af33a6daf8f7255 [diff] [blame]
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 91b986f..60e987a 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c

@@ -375,6 +375,20 @@
 
  err:
     /* No valid transition found */
+    if (SSL_IS_DTLS(s) && mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
+        BIO *rbio;
+
+        /*
+         * CCS messages don't have a message sequence number so this is probably
+         * because of an out-of-order CCS. We'll just drop it.
+         */
+        s->init_num = 0;
+        s->rwstate = SSL_READING;
+        rbio = SSL_get_rbio(s);
+        BIO_clear_retry_flags(rbio);
+        BIO_set_retry_read(rbio);
+        return 0;
+    }
     SSLfatal(s, SSL3_AD_UNEXPECTED_MESSAGE,
              SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION,
              SSL_R_UNEXPECTED_MESSAGE);
commit	f20404fce90919b614b737d07cc75d9e1c019fb8	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Thu May 03 12:07:47 2018 +0100
committer	Matt Caswell <matt@openssl.org>	Tue May 08 09:40:17 2018 +0100
tree	d7a76201369b36630d03a12ac7e05b59dfba60a7
parent	e15e92dbd5248bc8dbd95d2c0af33a6daf8f7255 [diff] [blame]