[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Tue Jan 10 12:37:40 UTC 2017
The branch OpenSSL_1_1_0-stable has been updated
via dc4667333bf5b712aa3c17b9713a6dda32d5feb1 (commit)
from db2fed4443042db3e7921810d944cfd15d347d08 (commit)
- Log -----------------------------------------------------------------
commit dc4667333bf5b712aa3c17b9713a6dda32d5feb1
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jan 9 17:29:44 2017 +0000
Mark a HelloRequest record as read if we ignore it
Otherwise the client will try to process it again. The second time around
it will try and move the record data into handshake fragment storage and
realise that there is no data left. At that point it marks it as read
anyway. However, it is a bug that we go around the loop a second time, so
we prevent that.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2200)
(cherry picked from commit 290a0419f0c13a30fb3a1d1a279125c8aeafd17e)
-----------------------------------------------------------------------
Summary of changes:
ssl/record/rec_layer_s3.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index da1999b..fdc8190 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1297,7 +1297,12 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
return (-1);
}
}
+ } else {
+ SSL3_RECORD_set_read(rr);
}
+ } else {
+ /* Does this ever happen? */
+ SSL3_RECORD_set_read(rr);
}
/*
* we either finished a handshake or ignored the request, now try
More information about the openssl-commits
mailing list