summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_init.c
diff options
context:
space:
mode:
authortb <>2023-11-28 13:19:04 +0000
committertb <>2023-11-28 13:19:04 +0000
commit46107348a293c6705c99e4c1c478f0f02ec3abfb (patch)
treeb2aa716815fa7c1b8c0f2e5c5547467a8e108baf /src/lib/libssl/ssl_init.c
parent696efe761eacd6872932fb223f3b1c3c84f0adf3 (diff)
downloadopenbsd-46107348a293c6705c99e4c1c478f0f02ec3abfb.tar.gz
openbsd-46107348a293c6705c99e4c1c478f0f02ec3abfb.tar.bz2
openbsd-46107348a293c6705c99e4c1c478f0f02ec3abfb.zip
Switch to legacy method late in tls13_use_legacy_stack()
If memory allocation of s->init_buf fails in ssl3_setup_init_buffer() during downgrade to the legacy stack, the legacy state machine would resume with an incorrectly set up SSL, resulting in a NULL dereference. The fix is to switch to the legacy method only after the SSL is fully set up. There is a second part to this fix, which will be committed once we manage to agree on the color of the bikeshed. Detailed analysis and patch from Masaru Masuda, many thanks! https://github.com/libressl/openbsd/issues/146 ok jsing
Diffstat (limited to 'src/lib/libssl/ssl_init.c')
0 files changed, 0 insertions, 0 deletions