File 4596-ssl-Reset-to-old-connection-state.patch of Package erlang

Overview Repositories Revisions Requests Users Attributes Meta

File 4596-ssl-Reset-to-old-connection-state.patch of Package erlang

From 9c7a4732562ce4313bf9b77b0ef7b3a2be18ab5d Mon Sep 17 00:00:00 2001
From: Dan Gudmundsson <dgud@erlang.org>
Date: Wed, 22 Sep 2021 14:46:42 +0200
Subject: [PATCH 06/10] ssl: Reset to old connection state

In case of fake takeover, reset connection to old working one,
i.e. if any alert is generated or coming on the "new" connection,
reset connection_states and state to the saved one.
---
 lib/ssl/src/dtls_connection.erl     | 91 +++++++++++++++++++----------
 lib/ssl/src/dtls_gen_connection.erl | 28 +++++++--
 2 files changed, 81 insertions(+), 38 deletions(-)

diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl
index a27b9a6213..0ee01515a1 100644
--- a/lib/ssl/src/dtls_connection.erl
+++ b/lib/ssl/src/dtls_connection.erl
@@ -132,6 +132,8 @@
 
 -export([renegotiate/2]).
 
+-export([alert_or_reset_connection/3]).  %% Code re-use from dtls_gen_connection.
+
 %% gen_statem state functions
 -export([initial_hello/3,
          config_error/3,
@@ -287,7 +289,7 @@ hello(internal, #client_hello{cookie = <<>>,
                                                                              ssl_handshake:init_handshake_history()}},
                                            Actions)
     catch throw:#alert{} = Alert ->
-            ssl_gen_statem:handle_own_alert(Alert,?FUNCTION_NAME, State0)
+            alert_or_reset_connection(Alert, ?FUNCTION_NAME, State0)
     end;
 hello(internal, #hello_verify_request{cookie = Cookie}, 
       #state{static_env = #static_env{role = client,
@@ -327,17 +329,8 @@ hello(internal, #client_hello{extensions = Extensions} = Hello,
                                                  handshake_env = HsEnv#handshake_env{hello = Hello}},
              [{reply, From, {ok, Extensions}}]}
     catch throw:#alert{} = Alert ->
-            ssl_gen_statem:handle_own_alert(Alert, ?FUNCTION_NAME, State0)
+            alert_or_reset_connection(Alert, ?FUNCTION_NAME, State0)
     end;
-hello(internal, #server_hello{extensions = Extensions} = Hello, 
-      #state{ssl_options = #{
-                             handshake := hello},
-             handshake_env = HsEnv,
-             start_or_recv_from = From} = State) ->
-    {next_state, user_hello, State#state{start_or_recv_from = undefined,
-                                         handshake_env = HsEnv#handshake_env{
-                                                           hello = Hello}},
-     [{reply, From, {ok, Extensions}}]};       
 hello(internal, #client_hello{cookie = Cookie} = Hello, #state{static_env = #static_env{role = server,
                                                                                         transport_cb = Transport,
                                                                                         socket = Socket},
@@ -350,13 +343,23 @@ hello(internal, #client_hello{cookie = Cookie} = Hello, #state{static_env = #sta
 	    handle_client_hello(Hello, State);
 	_ ->
             case dtls_handshake:cookie(PSecret, IP, Port, Hello) of
-               	Cookie -> 
+               	Cookie ->
                     handle_client_hello(Hello, State);
                 _ ->
                     %% Handle bad cookie as new cookie request RFC 6347 4.1.2
                     hello(internal, Hello#client_hello{cookie = <<>>}, State)
             end
     end;
+hello(internal, #server_hello{extensions = Extensions} = Hello, 
+      #state{ssl_options = #{
+                 handshake := hello},
+             handshake_env = HsEnv,
+             start_or_recv_from = From} = State) ->
+    {next_state, user_hello, State#state{start_or_recv_from = undefined,
+                                         handshake_env = HsEnv#handshake_env{
+                                                           hello = Hello}},
+     [{reply, From, {ok, Extensions}}]};       
+
 hello(internal, #server_hello{} = Hello,
       #state{
          static_env = #static_env{role = client},
@@ -487,12 +490,19 @@ cipher(Type, Event, State) ->
      gen_handshake(?FUNCTION_NAME, Type, Event, State).
 
 %%--------------------------------------------------------------------
--spec connection(gen_statem:event_type(),  
+-spec connection(gen_statem:event_type(),
 		 #hello_request{} | #client_hello{}| term(), #state{}) ->
 			gen_statem:state_function_result().
 %%--------------------------------------------------------------------
-connection(enter, _, State) ->
-    {keep_state, State};     
+connection(enter, _, #state{connection_states = Cs0} = State0) ->
+    State = case maps:is_key(previous_cs, Cs0) of
+                false ->
+                    State0;
+                true ->
+                    Cs = maps:remove(previous_cs, Cs0),
+                    State0#state{connection_states = Cs}
+            end,
+    {keep_state, State};
 connection(info, Event, State) ->
     gen_info(Event, ?FUNCTION_NAME, State);
 connection(internal, #hello_request{}, #state{static_env = #static_env{host = Host,
@@ -544,12 +554,18 @@ connection(internal, #client_hello{}, #state{static_env = #static_env{role = ser
 connection(internal, new_connection, #state{ssl_options=SSLOptions,
                                             handshake_env=HsEnv,
                                             connection_states = OldCs} = State) ->
-    #{beast_mitigation := BeastMitigation} = SSLOptions,
-    ConnectionStates0 = dtls_record:init_connection_states(server, BeastMitigation),
-    #{current_write:=CW, current_read:=CR} = OldCs,
-    ConnectionStates = ConnectionStates0#{saved_write:=CW, saved_read:=CR},
-    {next_state, hello, State#state{handshake_env = HsEnv#handshake_env{renegotiation = {false, first}},
-                                    connection_states = ConnectionStates}};
+    case maps:get(previous_cs, OldCs, undefined) of
+        undefined ->
+            #{beast_mitigation := BeastMitigation} = SSLOptions,
+            ConnectionStates0 = dtls_record:init_connection_states(server, BeastMitigation),
+            ConnectionStates = ConnectionStates0#{previous_cs => OldCs},
+            {next_state, hello, State#state{handshake_env = HsEnv#handshake_env{renegotiation = {false, first}},
+                                            connection_states = ConnectionStates}};
+        _ ->
+            %% Someone spamming new_connection, just drop them
+            {keep_state, State}
+    end;
+
 connection({call, From}, {application_data, Data}, State) ->
     try
         send_application_data(Data, From, ?FUNCTION_NAME, State)
@@ -680,7 +696,7 @@ handle_client_hello(#client_hello{client_version = ClientVersion} = Hello, State
                                             session = Session}),
         {next_state, hello, State, [{next_event, internal, {common_client_hello, Type, ServerHelloExt}}]}
     catch #alert{} = Alert ->
-            ssl_gen_statem:handle_own_alert(Alert, hello, State0)
+            alert_or_reset_connection(Alert, hello, State0)
     end.
 
 
@@ -694,32 +710,43 @@ handle_state_timeout(flight_retransmission_timeout, StateName,
     %% This will reset the retransmission timer by repeating the enter state event
     {repeat_state, State, Actions}.
 
-
+alert_or_reset_connection(Alert, StateName, #state{connection_states = Cs} = State) ->
+    case maps:get(previous_cs, Cs, undefined) of
+        undefined ->
+            ssl_gen_statem:handle_own_alert(Alert, StateName, State);
+        PreviousConn ->
+            %% There exists an old connection and the new one failed,
+            %% reset to the old working one.
+            %% The next alert will be sent
+            HsEnv0 = State#state.handshake_env,
+            HsEnv  = HsEnv0#handshake_env{renegotiation = undefined},
+            NewState = State#state{connection_states = PreviousConn,
+                                   handshake_env = HsEnv
+                                  },
+            {next_state, connection, NewState}
+    end.
 
 gen_handshake(StateName, Type, Event, State) ->
     try tls_dtls_connection:StateName(Type, Event, State)
     catch
         throw:#alert{}=Alert ->
-            ssl_gen_statem:handle_own_alert(Alert, StateName,State);
+            alert_or_reset_connection(Alert, StateName, State);
         error:_ ->
             Alert = ?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE, malformed_handshake_data),
-            ssl_gen_statem:handle_own_alert(Alert, StateName,State)
+            alert_or_reset_connection(Alert, StateName, State)
     end.
 
 gen_info(Event, connection = StateName, State) ->
     try dtls_gen_connection:handle_info(Event, StateName, State)
     catch error:_ ->
-	    ssl_gen_statem:handle_own_alert(?ALERT_REC(?FATAL, ?INTERNAL_ERROR,
-						       malformed_data), 
-					    StateName, State)  
+            Alert = ?ALERT_REC(?FATAL, ?INTERNAL_ERROR, malformed_data),
+            alert_or_reset_connection(Alert, StateName, State)
     end;
-
 gen_info(Event, StateName, State) ->
     try dtls_gen_connection:handle_info(Event, StateName, State)
     catch error:_ ->
-	    ssl_gen_statem:handle_own_alert(?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE,
-						       malformed_handshake_data), 
-					    StateName, State)  
+            Alert = ?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE,malformed_handshake_data),
+            alert_or_reset_connection(Alert, StateName, State)
     end.
 
 prepare_flight(#state{flight_buffer = Flight,
diff --git a/lib/ssl/src/dtls_gen_connection.erl b/lib/ssl/src/dtls_gen_connection.erl
index ebc9766645..12aa094191 100644
--- a/lib/ssl/src/dtls_gen_connection.erl
+++ b/lib/ssl/src/dtls_gen_connection.erl
@@ -629,10 +629,26 @@ handle_alerts([], Result) ->
     Result;
 handle_alerts(_, {stop, _, _} = Stop) ->
     Stop;
-handle_alerts([Alert | Alerts], {next_state, StateName, State}) ->
-     handle_alerts(Alerts, ssl_gen_statem:handle_alert(Alert, StateName, State));
-handle_alerts([Alert | Alerts], {next_state, StateName, State, _Actions}) ->
-     handle_alerts(Alerts, ssl_gen_statem:handle_alert(Alert, StateName, State)).
+handle_alerts(Alerts, {next_state, StateName, State}) ->
+    handle_alerts_or_reset(Alerts, StateName, State);
+handle_alerts(Alerts, {next_state, StateName, State, _Actions}) ->
+    handle_alerts_or_reset(Alerts, StateName, State).
+
+handle_alerts_or_reset([Alert|Alerts], StateName, #state{connection_states = Cs} = State) ->
+    case maps:get(previous_cs, Cs, undefined) of
+        undefined ->
+            handle_alerts(Alerts, ssl_gen_statem:handle_alert(Alert, StateName, State));
+        PreviousConn ->
+            %% There exists an old connection and the new one sent alerts,
+            %% reset to the old working one.
+            HsEnv0 = State#state.handshake_env,
+            HsEnv  = HsEnv0#handshake_env{renegotiation = undefined},
+            NewState = State#state{connection_states = PreviousConn,
+                                   handshake_env = HsEnv
+                                  },
+            {next_state, connection, NewState}
+    end.
+
 
 handle_own_alert(Alert, StateName,
                  #state{static_env = #static_env{data_tag = udp,
@@ -643,10 +659,10 @@ handle_own_alert(Alert, StateName,
             log_ignore_alert(LogLevel, StateName, Alert, Role),
             {next_state, StateName, State};
         {false, State} ->
-            ssl_gen_statem:handle_own_alert(Alert, StateName, State)
+            dtls_connection:alert_or_reset_connection(Alert, StateName, State)
     end;
 handle_own_alert(Alert, StateName, State) ->
-    ssl_gen_statem:handle_own_alert(Alert, StateName, State).
+    dtls_connection:alert_or_reset_connection(Alert, StateName, State).
 
 ignore_alert(#alert{level = ?FATAL}, #state{protocol_specific = #{ignored_alerts := N,
                                                   max_ignored_alerts := N}} = State) ->
-- 
2.31.1

Places

File 4596-ssl-Reset-to-old-connection-state.patch of Package erlang

Places