From: Matt Caswell Date: Fri, 13 Oct 2017 13:36:32 +0000 (+0100) Subject: Sanity check the HRR version field X-Git-Tag: OpenSSL_1_1_1-pre1~546 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=61278ff3f952570a3ca06d02b07502069cd78f55;ds=sidebyside Sanity check the HRR version field The previous commit removed version negotiation on an HRR. However we should still sanity check the contents of the version field. Reviewed-by: Tim Hudson Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/4527) --- diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index fdf5d451df..338325f777 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1569,6 +1569,13 @@ static MSG_PROCESS_RETURN tls_process_hello_retry_request(SSL *s, PACKET *pkt) goto f_err; } + /* TODO(TLS1.3): Remove the TLS1_3_VERSION_DRAFT clause before release */ + if (sversion != TLS1_3_VERSION && sversion != TLS1_3_VERSION_DRAFT) { + SSLerr(SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST, SSL_R_WRONG_SSL_VERSION); + al = SSL_AD_PROTOCOL_VERSION; + goto f_err; + } + s->hello_retry_request = 1; /*
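Review bot: The added check in tls_process_hello_retry_request accepts either `TLS1_3_VERSION` or `TLS1_3_VERSION_DRAFT` unconditionally, so the accepted value is not tied to the version codepoint this client actually offered. A HelloRetryRequest carrying the other codepoint would still pass. If that looseness is intended now that the HRR no longer negotiates the version, the comment should say so, for example `/* HRR does not negotiate the version; only reject values that are not TLS1.3 (final or draft) */`. The TODO is security-relevant: if the draft clause survives into a release, a release client keeps accepting a draft version value, so it deserves a tracked item or a build-time guard instead of a comment alone. The function body starts and ends outside the hunk, so whether `sversion` is compared with the offered versions elsewhere cannot be seen from here.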