Ensure the msg_callback is called on CCS receipt in TLSv1.3

CCS records are ignore in TLSv1.3. But we should still call the msg_callback anyway. Fixes #25166 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25169)
author: Matt Caswell <matt@openssl.org> 2024-08-12 16:41:56 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-08-15 20:17:39 +0200
commit: 8781087a69934cf45e201ac425d593b0e12a1538 (patch)
tree: 276a09f47fa90860de0d8f3ca9b15483420acb97
parent: 05681e0e3e47e0abc5ec3a4c12ddb0afcd66db37 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index 0d92bdce9b..0c2414f76e 100644
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -750,8 +750,11 @@ int tls_get_more_records(OSSL_RECORD_LAYER *rl)
         }
         /*
          * CCS messages are ignored in TLSv1.3. We treat it like an empty
-         * handshake record
+         * handshake record - but we still call the msg_callback
          */
+        if (rl->msg_callback != NULL)
+            rl->msg_callback(0, TLS1_3_VERSION, SSL3_RT_CHANGE_CIPHER_SPEC,
+                             thisrr->data, 1, rl->cbarg);
         thisrr->type = SSL3_RT_HANDSHAKE;
         if (++(rl->empty_record_count) > MAX_EMPTY_RECORDS) {
             RLAYERfatal(rl, SSL_AD_UNEXPECTED_MESSAGE,
author	Matt Caswell <matt@openssl.org>	2024-08-12 16:41:56 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-08-15 20:17:39 +0200
commit	8781087a69934cf45e201ac425d593b0e12a1538 (patch)
tree	276a09f47fa90860de0d8f3ca9b15483420acb97
parent	05681e0e3e47e0abc5ec3a4c12ddb0afcd66db37 (diff)