Merge branch 'ia/ssl/rizzoduong_beast_countermeasure/OTP-9757'

* ia/ssl/rizzoduong_beast_countermeasure/OTP-9757:
  Implementation of 1/n-1 splitting countermeasure Rizzo/Duong-Beast

4 files changed, 130 insertions, 12 deletions

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index fc8aafa426..21a9cd3bdb 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -394,8 +394,8 @@ controlling_process(Config) when is_list(Config) ->
     ClientOpts = ?config(client_opts, Config),
     ServerOpts = ?config(server_opts, Config),
     {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
-    ClientMsg = "Hello server",
-    ServerMsg = "Hello client",
+    ClientMsg = "Server hello",
+    ServerMsg = "Client hello",
    
     Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, 
 					{from, self()}, 
@@ -416,11 +416,15 @@ controlling_process(Config) when is_list(Config) ->
 		       [self(), Client, Server]),
     
     receive 
+	{ssl, _, "S"} ->
+	    receive_s_rizzo_duong_beast();
 	{ssl, _, ServerMsg} ->
 	    receive 
 		{ssl, _, ClientMsg} ->
 		    ok
 	    end;
+	{ssl, _, "C"} ->
+	    receive_c_rizzo_duong_beast();
 	{ssl, _, ClientMsg} ->
 	      receive 
 		  {ssl, _, ServerMsg} ->
@@ -441,6 +445,28 @@ controlling_process_result(Socket, Pid, Msg) ->
     ssl:send(Socket, Msg),
     no_result_msg.
 
+receive_s_rizzo_duong_beast() ->
+    receive 
+	{ssl, _, "erver hello"} ->
+	    receive 
+		{ssl, _, "C"} ->
+		    receive
+			{ssl, _, "lient hello"} ->
+			    ok
+		    end
+	    end
+    end.
+receive_c_rizzo_duong_beast() ->
+    receive 
+	{ssl, _, "lient hello"} ->
+	    receive
+		{ssl, _, "S"} ->
+		    receive
+			{ssl, _, "erver hello"} ->
+			    ok
+		    end
+	    end
+    end.
 %%--------------------------------------------------------------------
 controller_dies(doc) -> 
     ["Test that the socket is closed after controlling process dies"];
@@ -1232,6 +1258,11 @@ upgrade_result(Socket) ->
     %% Make sure binary is inherited from tcp socket and that we do
     %% not get the list default!
     receive 
+	{ssl, _, <<"H">>} ->
+	    receive 
+		{ssl, _, <<"ello world">>} ->
+		    ok
+	    end;
 	{ssl, _, <<"Hello world">>}  ->
 	    ok
     end.
@@ -2341,7 +2372,7 @@ server_verify_client_once_active(Config) when is_list(Config) ->
     Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, 
 					{from, self()}, 
 					{mfa, {?MODULE, send_recv_result_active, []}},
-					{options, [{active, once}, {verify, verify_peer},
+					{options, [{active, true}, {verify, verify_peer},
 						   {verify_client_once, true}
 						   | ServerOpts]}]),
     Port  = ssl_test_lib:inet_port(Server),
@@ -2725,17 +2756,28 @@ client_no_wrap_sequence_number(Config) when is_list(Config) ->
 				   {options, ServerOpts}]),
     Port = ssl_test_lib:inet_port(Server),
  
+    Version = ssl_record:highest_protocol_version(ssl_record:supported_protocol_versions()),
+
     Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, 
 					{host, Hostname},
 					{from, self()}, 
 					{mfa, {ssl_test_lib, 
-					       trigger_renegotiate, [[ErlData, N+2]]}},
+					       trigger_renegotiate, [[ErlData, treashold(N, Version)]]}},
 					{options, [{reuse_sessions, false},
 						   {renegotiate_at, N} | ClientOpts]}]),
     
     ssl_test_lib:check_result(Client, ok), 
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client).
+
+ %% First two clauses handles 1/n-1 splitting countermeasure Rizzo/Duong-Beast
+treashold(N, {3,0}) ->
+    (N div 2) + 1;
+treashold(N, {3,1}) ->
+    (N div 2) + 1;
+treashold(N, _) ->
+    N + 1.
+    
 %%--------------------------------------------------------------------
 server_no_wrap_sequence_number(doc) -> 
     ["Test that erlang server will renegotiate session when",  
@@ -3693,6 +3735,11 @@ send_recv_result(Socket) ->
 send_recv_result_active(Socket) ->
     ssl:send(Socket, "Hello world"),
     receive 
+	{ssl, Socket, "H"} ->
+	    receive 
+		{ssl, Socket, "ello world"} ->
+		    ok
+	    end;
 	{ssl, Socket, "Hello world"} ->
 	    ok
     end.
@@ -3700,6 +3747,12 @@ send_recv_result_active(Socket) ->
 send_recv_result_active_once(Socket) ->
     ssl:send(Socket, "Hello world"),
     receive 
+	{ssl, Socket, "H"} ->
+	    ssl:setopts(Socket, [{active, once}]),
+	    receive 
+		{ssl, Socket, "ello world"} ->
+		    ok
+	    end;
 	{ssl, Socket, "Hello world"} ->
 	    ok
     end.
@@ -3727,7 +3780,13 @@ renegotiate_reuse_session(Socket, Data) ->
 renegotiate_immediately(Socket) ->
     receive 
 	{ssl, Socket, "Hello world"} ->
-	    ok
+	    ok;
+	%% Handle 1/n-1 splitting countermeasure Rizzo/Duong-Beast
+	{ssl, Socket, "H"} ->
+	    receive 
+		{ssl, Socket, "ello world"} ->
+		    ok
+	    end
     end,
     ok = ssl:renegotiate(Socket),  
     {error, renegotiation_rejected} = ssl:renegotiate(Socket),
@@ -3910,6 +3969,9 @@ erlang_ssl_receive(Socket, Data) ->
 	{ssl, Socket, Data} ->
 	    io:format("Received ~p~n",[Data]),
 	    ok;
+	{ssl, Socket, Byte} when length(Byte) == 1 ->  %% Handle 1/n-1 splitting countermeasure Rizzo/Duong-Beast
+	    io:format("Received ~p~n",[Byte]),
+	    erlang_ssl_receive(Socket, tl(Data));
 	Other ->
 	    test_server:fail({unexpected_message, Other})
     after ?SLEEP * 3 ->
diff --git a/lib/ssl/test/ssl_packet_SUITE.erl b/lib/ssl/test/ssl_packet_SUITE.erl
index 9d2599b778..4b74f57a60 100644
--- a/lib/ssl/test/ssl_packet_SUITE.erl
+++ b/lib/ssl/test/ssl_packet_SUITE.erl
@@ -158,14 +158,24 @@ all() ->
      packet_asn1_decode, packet_asn1_decode_list,
      packet_tpkt_decode, packet_tpkt_decode_list,
      packet_sunrm_decode, packet_sunrm_decode_list,
-     header_decode_one_byte, header_decode_two_bytes,
-     header_decode_two_bytes_one_sent,
-     header_decode_two_bytes_two_sent].
+     {group, header}
+    ].
 
 groups() -> 
-    [].
+    [{header, [], [ header_decode_one_byte,  
+		    header_decode_two_bytes, 
+		    header_decode_two_bytes_one_sent,
+		    header_decode_two_bytes_two_sent]}].
+
+init_per_group(header, Config) ->
+    case ssl_record:highest_protocol_version(ssl_record:supported_protocol_versions()) of
+	{3, N} when N < 2 ->
+	    {skip, ""};
+	_ ->
+	    Config
+    end;
 
-init_per_group(_GroupName, Config) ->
+init_per_group(_, Config) ->
     Config.
 
 end_per_group(_GroupName, Config) ->
@@ -2626,6 +2636,13 @@ active_once_raw(_, _, 0, _) ->
     ok;
 active_once_raw(Socket, Data, N, Acc) ->
     receive 
+	{ssl, Socket, Byte} when length(Byte) == 1 ->
+	    ssl:setopts(Socket, [{active, once}]),
+	    receive 
+		{ssl, Socket, _} ->
+		    ssl:setopts(Socket, [{active, once}]),
+		    active_once_raw(Socket, Data, N-1, [])
+	    end;
 	{ssl, Socket, Data} ->
 	    ssl:setopts(Socket, [{active, once}]),
 	    active_once_raw(Socket, Data, N-1, []);
@@ -2648,7 +2665,14 @@ active_once_packet(Socket,_, 0) ->
 	    {other, Other, ssl:session_info(Socket), 0}
     end;
 active_once_packet(Socket, Data, N) ->
-    receive 
+    receive 	
+	{ssl, Socket, Byte} when length(Byte) == 1 ->
+	    ssl:setopts(Socket, [{active, once}]),
+	    receive 
+		{ssl, Socket, _} ->
+		    ssl:setopts(Socket, [{active, once}]),
+		    active_once_packet(Socket, Data, N-1)
+	    end;
 	{ssl, Socket, Data} ->
 	    ok
     end,
@@ -2662,6 +2686,11 @@ active_raw(_Socket, _, 0, _) ->
     ok;
 active_raw(Socket, Data, N, Acc) ->
     receive 
+	{ssl, Socket, Byte} when length(Byte) == 1 ->
+	    receive
+		{ssl, Socket, _} ->
+		    active_raw(Socket, Data, N -1)
+	    end;
 	{ssl, Socket, Data} ->
 	    active_raw(Socket, Data, N-1, []);
 	{ssl, Socket, Other} ->
@@ -2682,6 +2711,11 @@ active_packet(Socket, _, 0) ->
     end;
 active_packet(Socket, Data, N) ->
     receive 
+	{ssl, Socket, Byte} when length(Byte) == 1 ->
+	    receive
+		{ssl, Socket, _} ->
+		    active_packet(Socket, Data, N -1)
+		end;
 	{ssl, Socket, Data} ->
 	    active_packet(Socket, Data, N -1);
 	Other ->
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 46a8112a41..019ea61f37 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -662,6 +662,9 @@ cipher_result(Socket, Result) ->
     %% to properly test "cipher state" handling
     ssl:send(Socket, "Hello\n"),
     receive 
+	{ssl, Socket, "H"} ->
+	    ssl:send(Socket, " world\n"),
+	    receive_rizzo_duong_beast();
 	{ssl, Socket, "Hello\n"} ->
 	    ssl:send(Socket, " world\n"),
 	    receive
@@ -687,3 +690,16 @@ public_key(#'PrivateKeyInfo'{privateKeyAlgorithm =
     public_key:der_decode('DSAPrivateKey', iolist_to_binary(Key));
 public_key(Key) ->
     Key.
+
+
+receive_rizzo_duong_beast() ->
+    receive 
+	{ssl, _, "ello\n"} ->
+	    receive 
+		{ssl, _, " "} ->
+		    receive
+			{ssl, _, "world\n"} ->
+			    ok
+		    end
+	    end
+    end.
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index f37baeb9de..f04ab9af50 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -849,7 +849,9 @@ ssl3_erlang_server_erlang_client_client_cert(Config) when is_list(Config) ->
     Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, 
 					{from, self()}, 
 					{mfa, {?MODULE, 
-					       erlang_ssl_receive, [Data]}},
+					       erlang_ssl_receive, 
+					       %% Due to 1/n-1 splitting countermeasure Rizzo/Duong-Beast
+					       [Data]}},
 					{options, 
 					 [{verify , verify_peer} 
 					  | ServerOpts]}]),
@@ -858,6 +860,7 @@ ssl3_erlang_server_erlang_client_client_cert(Config) when is_list(Config) ->
     Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, 
 					{host, Hostname},
 					{from, self()}, 
+					%% Due to 1/n-1 splitting countermeasure Rizzo/Duong-Beast
 					{mfa, {ssl, send, [Data]}},
 					{options, 
 					 [{versions, [sslv3]} | ClientOpts]}]),
@@ -869,6 +872,7 @@ ssl3_erlang_server_erlang_client_client_cert(Config) when is_list(Config) ->
     process_flag(trap_exit, false),
     ok.
 
+
 %%--------------------------------------------------------------------
 
 tls1_erlang_client_openssl_server(doc) ->
@@ -1350,6 +1354,8 @@ erlang_ssl_receive(Socket, Data) ->
 	    %% open_ssl server sometimes hangs waiting in blocking read
 	    ssl:send(Socket, "Got it"), 
 	    ok;
+	{ssl, Socket, Byte} when length(Byte) == 1 ->
+	    erlang_ssl_receive(Socket, tl(Data));
 	{Port, {data,Debug}} when is_port(Port) ->
 	    io:format("openssl ~s~n",[Debug]),
 	    erlang_ssl_receive(Socket,Data);