Check HelloRetryRequest cipher consistency earlier.

CVE-2023-23759 Co-authored-by: Facebook Community Bot <6422482+facebook-github-bot@users.noreply.github.com> Differential Revision: D42508182
facebookincubator · Jan 20, 2023 · 8d36498 · 8d36498
1 parent 0d3da69
commit 8d36498
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/fizz/server/ServerProtocol.cpp b/fizz/server/ServerProtocol.cpp
@@ -1214,6 +1214,12 @@ EventHandler<ServerTypes, StateEnum::ExpectingClientHello, Event::ClientHello>::
 
   auto cipher = negotiateCipher(chlo, state.context()->getSupportedCiphers());
 
+  if (state.cipher().has_value() && cipher != *state.cipher()) {
+    throw FizzException(
+        "cipher mismatch with previous negotiation",
+        AlertDescription::illegal_parameter);
+  }
+
   verifyCookieState(cookieState, *version, cipher);
 
   auto resStateResult = getResumptionState(
@@ -1284,12 +1290,6 @@ EventHandler<ServerTypes, StateEnum::ExpectingClientHello, Event::ClientHello>::
             std::move(state.handshakeContext()),
             version);
 
-        if (state.cipher().has_value() && cipher != *state.cipher()) {
-          throw FizzException(
-              "cipher mismatch with previous negotiation",
-              AlertDescription::illegal_parameter);
-        }
-
         auto alpn = negotiateAlpn(chlo, folly::none, *state.context());
 
         auto clockSkew = getClockSkew(