openssl/ssl
Matt Caswell 3409a5ff8a Don't restrict the number of KeyUpdate messages we can process
Prior to this commit we were keeping a count of how many KeyUpdates we
have processed and failing if we had had too many. This simplistic approach
is not sufficient for long running connections. Since many KeyUpdates
would not be a particular good DoS route anyway, the simplest solution is
to simply remove the key update count.

Fixes #8068

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8299)
2019-02-22 18:29:41 +00:00
..
record Don't interleave handshake and other record types in TLSv1.3 2019-02-19 09:32:41 +00:00
statem Don't restrict the number of KeyUpdate messages we can process 2019-02-22 18:29:41 +00:00
bio_ssl.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
build.info
d1_lib.c Use (D)TLS_MAX_VERSION_INTERNAL internally 2018-12-15 12:52:02 +01:00
d1_msg.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
d1_srtp.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
methods.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
packet_locl.h Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
packet.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
pqueue.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
s3_cbc.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
s3_enc.c Eliminate unused buffers from ssl3_change_cipher_state 2019-01-03 14:17:31 +00:00
s3_lib.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
s3_msg.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_asn1.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_cert_table.h Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_cert.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_ciph.c Add missing entries in ssl_mac_pkey_id 2019-01-15 11:40:39 +00:00
ssl_conf.c Add option to disable Extended Master Secret 2019-02-15 10:11:18 +00:00
ssl_err.c Don't interleave handshake and other record types in TLSv1.3 2019-02-19 09:32:41 +00:00
ssl_init.c More configurable crypto and ssl library initialization 2019-01-07 14:02:28 -05:00
ssl_lib.c Ignore cipher suites when setting cipher list 2019-02-14 13:54:56 +00:00
ssl_locl.h Don't restrict the number of KeyUpdate messages we can process 2019-02-22 18:29:41 +00:00
ssl_mcnf.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_rsa.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_sess.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_stat.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_txt.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
ssl_utst.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
t1_enc.c Remove unused variables from tls1_change_cipher_state 2019-01-03 14:17:31 +00:00
t1_lib.c Use (D)TLS_MAX_VERSION_INTERNAL internally 2018-12-15 12:52:02 +01:00
t1_trce.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00
tls13_enc.c Don't get the mac type in TLSv1.3 2019-01-15 11:40:39 +00:00
tls_srp.c Following the license change, modify the boilerplates in ssl/ 2018-12-06 14:20:59 +01:00