mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
1257adecd4
openssl/ssl
History
David Benjamin 1257adecd4 Tighten up logic around ChangeCipherSpec. 
ChangeCipherSpec messages have a defined value. They also may not occur
in the middle of a handshake message. The current logic will accept a
ChangeCipherSpec with value 2. It also would accept up to three bytes of
handshake data before the ChangeCipherSpec which it would discard
(because s->init_num gets reset).

Instead, require that s->init_num is 0 when a ChangeCipherSpec comes in.

RT#4391

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-20 14:20:11 +01:00
..
record Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
statem Tighten up logic around ChangeCipherSpec. 2016-05-20 14:20:11 +01:00
bio_ssl.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
build.info Update build.info files for auto-init/de-init 2016-02-09 15:11:38 +00:00
d1_lib.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
d1_msg.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
d1_srtp.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
methods.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
packet_locl.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
pqueue.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_cbc.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_enc.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_lib.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_msg.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_asn1.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_cert.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_ciph.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_conf.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_err.c Fix an error code spelling. 2016-04-28 14:22:26 -04:00
ssl_init.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_lib.c Simplify SSL BIO buffering logic 2016-05-20 14:11:11 +01:00
ssl_locl.h Simplify SSL BIO buffering logic 2016-05-20 14:11:11 +01:00
ssl_mcnf.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_rsa.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_sess.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_stat.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_txt.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_utst.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_enc.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_ext.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_lib.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_reneg.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_trce.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
tls_srp.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00