Rewrite legacy TLS unexpected handshake message handling.
author jsing <jsing@openbsd.org>
Thu, 17 Mar 2022 17:28:08 +0000 (17:28 +0000)
committer jsing <jsing@openbsd.org>
Thu, 17 Mar 2022 17:28:08 +0000 (17:28 +0000)
commit d7e52203aed1b0078cb22e292bec4bb116195cdf
tree 2e9de51f98fa047a8e8234c0a43349d9b38d336a
parent 30f8261220eb5651303e61ce9f5948b2e29287a5

Rewrite the code that handles unexpected handshake messages in the legacy
TLS stack. Parse the TLS message header up front, then process it based on
the message type. Overall the code should be more strict and we should
reject various invalid messages that would have previously been accepted.

I also reviewed steve's experimental code and fixed the bug that it
contained.

ok inoguchi@ tb@
lib/libssl/ssl_pkt.c
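
The pattern the commit message describes (parse the handshake header first, then decide by message type), as an added example that is not LibreSSL's code. It uses the TLS 1.2 handshake header layout from RFC 5246; the function and enum names are hypothetical, the choice of outcome for each malformed case is this example's assumption, and the buffer is assumed to hold exactly one message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HS_HELLO_REQUEST 0	/* RFC 5246 section 7.4 message types */
#define HS_CLIENT_HELLO  1
#define HS_HEADER_LEN    4	/* 1-byte type + 24-bit length */

/* Hypothetical outcome names; the alert mapping is this example's choice. */
enum hs_action { HS_DECODE_ERROR, HS_UNEXPECTED_MESSAGE, HS_RENEGOTIATION };
struct hs_header { uint8_t type; uint32_t len; };

/* Parse the header up front; fail if fewer than four bytes are present. */
static int
hs_parse_header(const uint8_t *buf, size_t buf_len, struct hs_header *out)
{
	if (buf == NULL || buf_len < HS_HEADER_LEN)
		return 0;
	out->type = buf[0];
	out->len = ((uint32_t)buf[1] << 16) | ((uint32_t)buf[2] << 8) | buf[3];
	return 1;
}

/* Classify a handshake message received after the handshake has finished. */
enum hs_action
hs_classify_unexpected(const uint8_t *buf, size_t buf_len, int is_server)
{
	struct hs_header h;
	if (!hs_parse_header(buf, buf_len, &h))
		return HS_DECODE_ERROR;
	switch (h.type) {
	case HS_HELLO_REQUEST:	/* sent by servers only; body must be empty */
		if (is_server)
			return HS_UNEXPECTED_MESSAGE;
		if (h.len != 0 || buf_len != HS_HEADER_LEN)
			return HS_DECODE_ERROR;
		return HS_RENEGOTIATION;
	case HS_CLIENT_HELLO:	/* sent by clients only */
		return is_server ? HS_RENEGOTIATION : HS_UNEXPECTED_MESSAGE;
	default:		/* every other type is rejected outright */
		return HS_UNEXPECTED_MESSAGE;
	}
}

int main(void)
{
	const uint8_t bad[] = { 0x00, 0x00, 0x00, 0x01, 0xff }; /* constructed */
	printf("%d\n", hs_classify_unexpected(bad, sizeof(bad), 0));
	return 0;
}
```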