From: Zoltan Fridrich Date: Thu, 8 Dec 2022 11:41:34 +0000 (+0100) Subject: Forbid unsolicited CompressedCertificate message X-Git-Tag: 3.8.0~10^2~2 X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=2fba40f1efeb8cf23ca2bb295c684888075ca505;p=thirdparty%2Fgnutls.git Forbid unsolicited CompressedCertificate message Signed-off-by: Zoltan Fridrich
---
diff --git a/lib/ext/compress_certificate.c b/lib/ext/compress_certificate.c
index 2d0baa6262..66dd9e9275 100644
--- a/lib/ext/compress_certificate.c
+++ b/lib/ext/compress_certificate.c
@@ -263,6 +263,8 @@ _gnutls_compress_certificate_send_params(gnutls_session_t session,
 if (ret < 0)
 return gnutls_assert_val(ret);
+ session->internals.hsk_flags |= HSK_COMP_CRT_REQ_SENT;
+
 return bytes_len + 1;
 }
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 19da7fcee8..567d34f365 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -1357,6 +1357,7 @@ typedef struct {
 #define HSK_HRR_SENT (1<<3)
 #define HSK_HRR_RECEIVED (1<<4)
 #define HSK_CRT_REQ_SENT (1<<5)
+#define HSK_COMP_CRT_REQ_SENT (1<<6) /* whether certificate compression has been requested */
 #define HSK_KEY_UPDATE_ASKED (1<<7) /* flag is not used during handshake */
 #define HSK_FALSE_START_USED (1<<8) /* TLS1.2 only */
 #define HSK_HAVE_FFDHE (1<<9) /* whether the peer has advertized at least an FFDHE group */
diff --git a/lib/tls13/certificate.c b/lib/tls13/certificate.c
index 065bb9a62a..4059db38de 100644
--- a/lib/tls13/certificate.c
+++ b/lib/tls13/certificate.c
@@ -60,7 +60,7 @@ int _gnutls13_recv_certificate(gnutls_session_t session)
 if (ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) {
 /* check if we received compressed certificate */
 err = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, 0, &buf);
- if (err >= 0) {
+ if (err >= 0 && (session->internals.hsk_flags & HSK_COMP_CRT_REQ_SENT)) {
 decompress_cert = 1;
 ret = err;
 }
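Review bot: The flag is set only at the end of `_gnutls_compress_certificate_send_params`, so the new check in `_gnutls13_recv_certificate` is correct only if every path that advertises compress_certificate goes through this function. If a server emits the extension in its CertificateRequest by another route (not visible in this diff), a legitimately compressed client certificate would now be rejected; that is worth confirming and covering with a client-authentication test. A comment on the new line would also help, for example `/* we advertised compress_certificate; _gnutls13_recv_certificate() accepts CompressedCertificate only when this is set */`. The function body starts above the hunk.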
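Review bot: The comment on `HSK_COMP_CRT_REQ_SENT` says compression "has been requested" without saying by whom, while the flag is set on the sending side in lib/ext/compress_certificate.c; `/* whether we sent the compress_certificate extension */` would match its use. Bit 6 looks free in the visible context (5 is followed by 7), but the full flag list lies outside the hunk, so confirm no other HSK_ flag already uses `(1<<6)`.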
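Review bot: When a CompressedCertificate arrives without `HSK_COMP_CRT_REQ_SENT` set, the second `_gnutls_recv_handshake` call has already succeeded and filled `buf` before the new condition rejects it, and `ret` keeps `GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET`. The error return that presumably follows is outside the hunk, so confirm that it clears `buf`; otherwise the rejection path leaks the handshake buffer. Testing the flag before the receive avoids the question: `if (ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET && (session->internals.hsk_flags & HSK_COMP_CRT_REQ_SENT)) {`, with the inner test left as `if (err >= 0) {`. A regression test in which the peer sends CompressedCertificate although the extension was never offered would pin the rejection.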