File 3881-Fix-version-test.patch of Package erlang
From d3809bf9c112f3274176f5a306437c6ab86c2efd Mon Sep 17 00:00:00 2001
From: Dan Gudmundsson <dgud@erlang.org>
Date: Thu, 29 Dec 2022 14:54:07 +0100
Subject: [PATCH 1/3] Fix version test
Allow bad versions so that we can discover new connections.
---
lib/ssl/src/dtls_record.erl | 64 +++++++++++++++++++++----------------
1 file changed, 36 insertions(+), 28 deletions(-)
diff --git a/lib/ssl/src/dtls_record.erl b/lib/ssl/src/dtls_record.erl
index 6efc2dc8be..72bd54a51a 100644
--- a/lib/ssl/src/dtls_record.erl
+++ b/lib/ssl/src/dtls_record.erl
@@ -175,9 +175,9 @@ current_connection_state_epoch(#{current_write := #{epoch := Epoch}},
%% and returns it as a list of tls_compressed binaries also returns leftover
%% data
%%--------------------------------------------------------------------
-get_dtls_records(Data, Vinfo, Buffer, SslOpts) ->
+get_dtls_records(Data, Vinfo, Buffer, #{log_level := LogLevel}) ->
BinData = list_to_binary([Buffer, Data]),
- get_dtls_records_aux(Vinfo, BinData, [], SslOpts).
+ get_dtls_records_aux(Vinfo, BinData, [], LogLevel).
%%====================================================================
%% Encoding DTLS records
@@ -423,40 +423,48 @@ initial_connection_state(ConnectionEnd, BeastMitigation) ->
max_fragment_length => undefined
}.
-get_dtls_records_aux({DataTag, StateName, _, Versions} = Vinfo, <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer),
- ?UINT16(Epoch), ?UINT48(SequenceNumber),
- ?UINT16(Length), Data:Length/binary, Rest/binary>> = RawDTLSRecord,
- Acc, #{log_level := LogLevel} = SslOpts)
+get_dtls_records_aux({DataTag, StateName, _, Versions} = Vinfo,
+ <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer),
+ ?UINT16(Epoch), ?UINT48(SequenceNumber),
+ ?UINT16(Length), Data:Length/binary, Rest/binary>> = RawDTLSRecord,
+ Acc0, LogLevel)
when ((StateName == hello)
orelse ((StateName == certify) andalso (DataTag == udp))
- orelse ((StateName == abbreviated) andalso (DataTag == udp))) andalso ((Type == ?HANDSHAKE)
- orelse
- (Type == ?ALERT)) ->
+ orelse ((StateName == abbreviated) andalso (DataTag == udp)))
+ andalso ((Type == ?HANDSHAKE) orelse (Type == ?ALERT)) ->
ssl_logger:debug(LogLevel, inbound, 'record', [RawDTLSRecord]),
+ Acc = [#ssl_tls{type = Type, version = {MajVer, MinVer},
+ epoch = Epoch, sequence_number = SequenceNumber,
+ fragment = Data} | Acc0],
case is_acceptable_version({MajVer, MinVer}, Versions) of
true ->
- get_dtls_records_aux(Vinfo, Rest, [#ssl_tls{type = Type,
- version = {MajVer, MinVer},
- epoch = Epoch, sequence_number = SequenceNumber,
- fragment = Data} | Acc], SslOpts);
+ get_dtls_records_aux(Vinfo, Rest, Acc, LogLevel);
false ->
- ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
- end;
-get_dtls_records_aux({_, _, Version, _} = Vinfo, <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer),
- ?UINT16(Epoch), ?UINT48(SequenceNumber),
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ end;
+get_dtls_records_aux({_, _, Version, Versions} = Vinfo,
+ <<?BYTE(Type),?BYTE(MajVer),?BYTE(MinVer),
+ ?UINT16(Epoch), ?UINT48(SequenceNumber),
?UINT16(Length), Data:Length/binary, Rest/binary>> = RawDTLSRecord,
- Acc, #{log_level := LogLevel} = SslOpts) when (Type == ?APPLICATION_DATA) orelse
- (Type == ?HANDSHAKE) orelse
- (Type == ?ALERT) orelse
- (Type == ?CHANGE_CIPHER_SPEC) ->
+ Acc0, LogLevel)
+ when (Type == ?APPLICATION_DATA) orelse
+ (Type == ?HANDSHAKE) orelse
+ (Type == ?ALERT) orelse
+ (Type == ?CHANGE_CIPHER_SPEC) ->
ssl_logger:debug(LogLevel, inbound, 'record', [RawDTLSRecord]),
- case {MajVer, MinVer} of
- Version ->
- get_dtls_records_aux(Vinfo, Rest, [#ssl_tls{type = Type,
- version = {MajVer, MinVer},
- epoch = Epoch, sequence_number = SequenceNumber,
- fragment = Data} | Acc], SslOpts);
- _ ->
+ Acc = [#ssl_tls{type = Type, version = {MajVer,MinVer},
+ epoch = Epoch, sequence_number = SequenceNumber,
+ fragment = Data} | Acc0],
+ if {MajVer, MinVer} =:= Version ->
+ get_dtls_records_aux(Vinfo, Rest, Acc, LogLevel);
+ Type == ?HANDSHAKE ->
+ case is_acceptable_version({MajVer, MinVer}, Versions) of
+ true ->
+ get_dtls_records_aux(Vinfo, Rest, Acc, LogLevel);
+ false ->
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ end;
+ true ->
?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
end;
get_dtls_records_aux(_, <<?BYTE(_), ?BYTE(_MajVer), ?BYTE(_MinVer),
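Review bot: The new `Type == ?HANDSHAKE` branch of the `if` in the second `get_dtls_records_aux` clause accepts a record whose version differs from the negotiated `Version` in every connection state, because that clause matches the state name with `_`. Nothing in the hunk limits it to the case the commit message seems to mean, a new handshake arriving on an existing association. No integrity check is visible in this function before the version bytes are read, so the branch should carry a comment such as `%% Handshake with a non-negotiated version may start a new connection; version is unverified here, later stages must validate it`. The `is_acceptable_version/2` check and its `?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)` result now appear in both clauses and could move into one small helper, so the accept/reject policy lives in a single place. The function's remaining clauses continue outside the hunk.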
--
2.35.3