mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
08455bc9b0
openssl/ssl
History
Matt Caswell 08455bc9b0 Tolerate DTLS alerts with an incorrect version number 
In the case of a protocol version alert being sent by a peer the record
version number may not be what we are expecting. In DTLS records with an
unexpected version number are silently discarded. This probably isn't
appropriate for alerts, so we tolerate a mismatch in the minor version
number.

This resolves an issue reported on openssl-users where an OpenSSL server
chose DTLS1.0 but the client was DTLS1.2 only and sent a protocol_version
alert with a 1.2 record number. This was silently ignored by the server.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5018)
2018-01-09 22:00:53 +00:00
..
record Tolerate DTLS alerts with an incorrect version number 2018-01-09 22:00:53 +00:00
statem Update copyright years on all files merged since Jan 1st 2018 2018-01-09 05:49:01 +01:00
bio_ssl.c Add comments to NULL func ptrs in bio_method_st 2017-12-18 07:04:48 +10:00
build.info
d1_lib.c More record layer conversions to use SSLfatal() 2017-12-08 16:42:02 +00:00
d1_msg.c
d1_srtp.c
methods.c
packet_locl.h
packet.c
pqueue.c
s3_cbc.c
s3_enc.c Fix some formatting nits 2017-12-04 13:37:01 +00:00
s3_lib.c Alternate fix for ../test/recipes/80-test_ssl_old.t with no-ec 2017-12-27 16:37:22 +01:00
s3_msg.c
ssl_asn1.c
ssl_cert_table.h
ssl_cert.c Update copyright years on all files merged since Jan 1st 2018 2018-01-09 05:49:01 +01:00
ssl_ciph.c Stop using unimplemented cipher classes. 2018-01-06 15:14:57 +01:00
ssl_conf.c Send a CCS after ServerHello in TLSv1.3 if using middlebox compat mode 2017-12-14 15:06:37 +00:00
ssl_err.c Send supported_versions in an HRR 2017-12-14 15:06:37 +00:00
ssl_init.c In OPENSSL_init_ssl(), run the base ssl init before OPENSSL_init_crypto() 2017-12-08 16:08:39 +01:00
ssl_lib.c Disable partial writes for early data 2017-12-28 17:32:41 +00:00
ssl_locl.h Fix minor 'the the' typos 2018-01-02 15:30:22 +00:00
ssl_mcnf.c
ssl_rsa.c
ssl_sess.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
ssl_stat.c Merge HRR into ServerHello 2017-12-14 15:06:37 +00:00
ssl_txt.c
ssl_utst.c
t1_enc.c Convert more functions in ssl/statem/statem.c to use SSLfatal() 2017-12-04 13:31:48 +00:00
t1_lib.c Update copyright years on all files merged since Jan 1st 2018 2018-01-09 05:49:01 +01:00
t1_trce.c Update copyright years on all files merged since Jan 1st 2018 2018-01-09 05:49:01 +01:00
tls13_enc.c Convert more functions in ssl/statem/statem.c to use SSLfatal() 2017-12-04 13:31:48 +00:00
tls_srp.c Convert remaining functions in statem_clnt.c to use SSLfatal() 2017-12-04 13:31:48 +00:00