Be selective as to when ChangeCipherSpec messages will be accepted. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2014-06-05 15:46:24 +0000
committer	jsing <>	2014-06-05 15:46:24 +0000
commit	936e992c50e8d5647745246accae318ebfd549d1 (patch)
tree	645cbc9565ca3ee2061f628e95849ce560cf786f /src/lib/libssl/d1_both.c
parent	7d1de1255391fe1fbf5be9441390f731e86ce9f2 (diff)
download	openbsd-936e992c50e8d5647745246accae318ebfd549d1.tar.gz openbsd-936e992c50e8d5647745246accae318ebfd549d1.tar.bz2 openbsd-936e992c50e8d5647745246accae318ebfd549d1.zip

Be selective as to when ChangeCipherSpec messages will be accepted.

Without this an early ChangeCipherSpec message would result in session keys being generated, along with the Finished hash for the handshake, using an empty master secret. For a detailed analysis see: https://www.imperialviolet.org/2014/06/05/earlyccs.html This is a fix for CVE-2014-0224, from OpenSSL. This issue was reported to OpenSSL by KIKUCHI Masashi. Unfortunately the recent OpenSSL commit was the first we were made aware of the issue. ok deraadt@ sthen@

Diffstat (limited to 'src/lib/libssl/d1_both.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: