Fix a bug caused by the return value being set early to signal successful - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2017-04-29 23:38:49 +0000
committer	jsing <>	2017-04-29 23:38:49 +0000
commit	15ac8a5d2905750a0c5228fc567414ccce869de6 (patch)
tree	cdb53bbcb885a011724e5972224f952b02be87c1 /src/lib/libcrypto/buffer/buffer.c
parent	7b5d4df5b0310fae9805458f5669616c62f1257d (diff)
download	openbsd-15ac8a5d2905750a0c5228fc567414ccce869de6.tar.gz openbsd-15ac8a5d2905750a0c5228fc567414ccce869de6.tar.bz2 openbsd-15ac8a5d2905750a0c5228fc567414ccce869de6.zip

Fix a bug caused by the return value being set early to signal successful

DTLS cookie validation. This can mask a later failure and result in a positive return value being returned from ssl3_get_client_hello(), when it should return a negative value to propagate the error. Ironically this was introduced in OpenSSL 2e9802b7a7b with the commit message "Fix DTLS cookie management bugs". Fix based on OpenSSL. Issue reported by Nicolas Bouliane <nbouliane at jive dot com>. ok beck@

Diffstat (limited to 'src/lib/libcrypto/buffer/buffer.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: