[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Tue Mar 21 16:24:11 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via 8ed92460b7a4a2a310f1b0dde6e36f9055f5b87b (commit)
from ffcdb0e6efb6fb7033b2cd29e8cca2e2fe355c14 (commit)
- Log -----------------------------------------------------------------
commit 8ed92460b7a4a2a310f1b0dde6e36f9055f5b87b
Author: Matt Caswell <matt at openssl.org>
Date: Tue Mar 21 16:12:37 2017 +0000
Fix BAD CCS alert in DTLS
Set the correct variable, and then actually send the alert!
Found by, and fix suggested by, Raja Ashok.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3009)
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_pkt.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 7a02459..10586fe 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -1323,9 +1323,9 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
/* XDTLS: check that epoch is consistent */
if ((rr->length != ccs_hdr_len) ||
(rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
- i = SSL_AD_ILLEGAL_PARAMETER;
+ al = SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
- goto err;
+ goto f_err;
}
rr->length = 0;
More information about the openssl-commits
mailing list