Client Out Of Order Messaging Checking

1. Add macro for logging an expected message.
2. Add an expected message ID to the HandshakeInfo.
3. Add a message ID for "none (0)".
4. Add a check in IsMessageAllowedClient() for the expected message ID.
   Clear it if successful.
5. The KEXDH messages sent to the server have expected responses. Set
   them if sending the message is successful.

Author: ejohnstown

src/internal.c

@@ -638,6 +638,18 @@ INLINE static int IsMessageAllowedServer(WOLFSSH *ssh, byte msg)
 #ifndef NO_WOLFSSH_CLIENT
 INLINE static int IsMessageAllowedClient(WOLFSSH *ssh, byte msg)
 {
+    /* Is KEX complete? */
+    if (ssh->connectState < CONNECT_KEYED && ssh->handshake) {
+        /* If expecting a specific message, and didn't receive it, error. */
+        if (ssh->handshake->expectMsgId != MSGID_NONE) {
+            if (msg != ssh->handshake->expectMsgId) {
+                WLOG(WS_LOG_DEBUG, "Message ID %u not the expected message %u",
+                        msg, ssh->handshake->expectMsgId);
+                return 0;
+            }
+            ssh->handshake->expectMsgId = MSGID_NONE;
+        }
+    }
     /* Has client userauth started? */
     if (ssh->connectState < CONNECT_CLIENT_KEXDH_INIT_SENT) {
         if (msg >= MSGID_KEXDH_LIMIT) {
@@ -12526,6 +12538,11 @@ int SendKexDhGexRequest(WOLFSSH* ssh)
     if (ret == WS_SUCCESS)
         ret = wolfSSH_SendPacket(ssh);
 
+    if (ret == WS_SUCCESS) {
+        WLOG_EXPECT_MSGID(MSGID_KEXDH_GEX_GROUP);
+        ssh->handshake->expectMsgId = MSGID_KEXDH_GEX_GROUP;
+    }
+
     WLOG(WS_LOG_DEBUG, "Leaving SendKexDhGexRequest(), ret = %d", ret);
     return ret;
 }
@@ -12614,6 +12631,7 @@ int SendKexDhInit(WOLFSSH* ssh)
 #endif
     int ret = WS_SUCCESS;
     byte msgId = MSGID_KEXDH_INIT;
+    byte expectMsgId = MSGID_KEXDH_REPLY;
     byte e[MAX_KEX_KEY_SZ+1]; /* plus 1 in case of padding. */
     word32 eSz = (word32)sizeof(e);
     byte  ePad = 0;
@@ -12665,6 +12683,7 @@ int SendKexDhInit(WOLFSSH* ssh)
             generator = ssh->handshake->generator;
             generatorSz = ssh->handshake->generatorSz;
             msgId = MSGID_KEXDH_GEX_INIT;
+            expectMsgId = MSGID_KEXDH_GEX_REPLY;
             break;
 #endif
 #ifndef WOLFSSH_NO_ECDH_SHA2_NISTP256
@@ -12876,6 +12895,11 @@ int SendKexDhInit(WOLFSSH* ssh)
     if (ret == WS_SUCCESS)
         ret = wolfSSH_SendPacket(ssh);
 
+    if (ret == WS_SUCCESS) {
+        WLOG_EXPECT_MSGID(expectMsgId);
+        ssh->handshake->expectMsgId = expectMsgId;
+    }
+
     WLOG(WS_LOG_DEBUG, "Leaving SendKexDhInit(), ret = %d", ret);
     return ret;
 }

wolfssh/internal.h

@@ -605,6 +605,7 @@ typedef struct Keys {
 
 
 typedef struct HandshakeInfo {
+    byte expectMsgId;
     byte kexId;
     byte kexIdGuess;
     byte kexHashId;
@@ -1178,6 +1179,7 @@ enum ProcessReplyStates {
 
 
 enum WS_MessageIds {
+    MSGID_NONE = 0,
     MSGID_DISCONNECT = 1,
     MSGID_IGNORE = 2,
     MSGID_UNIMPLEMENTED = 3,

wolfssh/log.h

@@ -76,6 +76,7 @@ WOLFSSH_API void wolfSSH_Log(enum wolfSSH_LogLevel,
                       if (wolfSSH_LogEnabled()) \
                           wolfSSH_Log(__VA_ARGS__); \
                   } while (0)
+#define WLOG_EXPECT_MSGID(x) WLOG(WS_LOG_DEBUG, "Expecting message %d", (x))
 
 
 #ifdef __cplusplus