aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: avoid tls.invalid_handshake_message FP

Browse Source 
Don't set TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE event on encrypted
handshake messages.
pull/7896/head
Victor Julien 3 years ago
parent e9d63f3355
commit cf4c201acb
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File

8
src/app-layer-ssl.c
Unescape Escape View File

@ -1635,7 +1635,13 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
input_len -= avail_record_len;
SSLParserHSReset(ssl_state->curr_connp);
SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
if ((direction && (ssl_state->flags & SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC)) ||
(!direction && (ssl_state->flags & SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC))) {
// after Change Cipher Spec we get Encrypted Handshake Messages
} else {
SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
}
continue;
}

Write Preview
Loading…
Cancel
Save