Factor out alert handing code in the legacy stack. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2022-02-21 18:22:20 +0000
committer	jsing <>	2022-02-21 18:22:20 +0000
commit	a59b14b2d3f8047fe5b687d37304433773603a3f (patch)
tree	b58aa2f628b6d8b36920b544c96c0647c2281969 /src/lib/libcrypto/x509/x509_cmp.c
parent	194ce8d94cd74f12663cf8ca258294804ca1aabf (diff)
download	openbsd-a59b14b2d3f8047fe5b687d37304433773603a3f.tar.gz openbsd-a59b14b2d3f8047fe5b687d37304433773603a3f.tar.bz2 openbsd-a59b14b2d3f8047fe5b687d37304433773603a3f.zip

Factor out alert handing code in the legacy stack.libressl-v3.5.0

Pull out the code that processes incoming alerts - a chunk of the complexity is due to the fact that in TLSv1.2 and earlier, alerts can be fragmented across multiple records or multiple alerts can be delivered in a single record. In DTLS there is no way that we can reassemble fragmented alerts (although the RFC is silent on this), however we could have multiple alerts in the same record. This change means that we will handle this situation more appropriately and if we encounter a fragmented alert we will now treat this as a decode error (instead of silently ignoring it). ok beck@ tb@

Diffstat (limited to 'src/lib/libcrypto/x509/x509_cmp.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: