java/openjdk6/files/icedtea/security/20130201/7192393.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

# HG changeset patch
# User mbankal
# Date 1355294606 28800
# Node ID 708c134c36312faf8721c0c981be6553e4ebf49f
# Parent  175c95df5b8609142188946b59040de2e4cbe0af
7192393: Better Checking of order of TLS Messages
Reviewed-by: xuelei

diff --git a/src/share/classes/sun/security/ssl/ClientHandshaker.java b/src/share/classes/sun/security/ssl/ClientHandshaker.java
--- jdk/src/share/classes/sun/security/ssl/ClientHandshaker.java
+++ jdk/src/share/classes/sun/security/ssl/ClientHandshaker.java
@@ -128,9 +128,8 @@ final class ClientHandshaker extends Han
      * in the constructor.
      */
     void processMessage(byte type, int messageLen) throws IOException {
-        if (state > type
-                && (type != HandshakeMessage.ht_hello_request
-                    && state != HandshakeMessage.ht_client_hello)) {
+        if (state >= type
+                && (type != HandshakeMessage.ht_hello_request)) {
             throw new SSLProtocolException(
                     "Handshake message sequence violation, " + type);
         }
diff --git a/src/share/classes/sun/security/ssl/ServerHandshaker.java b/src/share/classes/sun/security/ssl/ServerHandshaker.java
--- jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java
+++ jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java
@@ -153,7 +153,7 @@ final class ServerHandshaker extends Han
         // In SSLv3 and TLS, messages follow strictly increasing
         // numerical order _except_ for one annoying special case.
         //
-        if ((state > type)
+        if ((state >= type)
                 && (state != HandshakeMessage.ht_client_key_exchange
                     && type != HandshakeMessage.ht_certificate_verify)) {
             throw new SSLProtocolException(
@@ -250,16 +250,17 @@ final class ServerHandshaker extends Han
         }
 
         //
-        // Move the state machine forward except for that annoying
-        // special case.  This means that clients could send extra
-        // cert verify messages; not a problem so long as all of
-        // them actually check out.
+        // Move state machine forward if the message handling
+        // code didn't already do so
         //
-        if (state < type && type != HandshakeMessage.ht_certificate_verify) {
-            state = type;
+        if (state < type) { 
+            if(type == HandshakeMessage.ht_certificate_verify) {
+                state = type + 2;    // an annoying special case
+            } else {
+                state = type;
+            }
         }
     }
-
 
     /*
      * ClientHello presents the server with a bunch of options, to which the