From: Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Date: Mon, 16 Oct 2023 08:43:17 +0000 (+0200)
Subject: Make similar changes to dtls1_do_write() for dtls1.3 as in ssl3_do_write() for tls1.3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b83a25638e5dfc43f1f00058b0822e79c18e3ef7;p=thirdparty%2Fopenssl.git

Make similar changes to dtls1_do_write() for dtls1.3 as in ssl3_do_write() for tls1.3

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22360)
---

diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index b583e312d99..ccffe02c226 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -288,9 +288,19 @@ int dtls1_do_write(SSL_CONNECTION *s, uint8_t type)
                     p += DTLS1_HM_HEADER_LENGTH;
                     xlen = written - DTLS1_HM_HEADER_LENGTH;
                 }
-
-                if (!ssl3_finish_mac(s, p, xlen))
-                    return -1;
+                /*
+                 * should not be done for 'Hello Request's, but in that case we'll
+                 * ignore the result anyway
+                 * DTLS1.3 KeyUpdate and NewSessionTicket do not need to be added
+                 */
+                if (!SSL_CONNECTION_IS_DTLS13(s)
+                    || (s->statem.hand_state != TLS_ST_SW_SESSION_TICKET
+                        && s->statem.hand_state != TLS_ST_CW_KEY_UPDATE
+                        && s->statem.hand_state != TLS_ST_SW_KEY_UPDATE)) {
+                    if (!ssl3_finish_mac(s, p, xlen)) {
+                        return -1;
+                    }
+                }
             }
 
             if (written == s->init_num) {