Rewrite legacy TLS unexpected handshake message handling. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2022-03-17 17:28:08 +0000
committer	jsing <>	2022-03-17 17:28:08 +0000
commit	e43f72664814b516c70029cf02fd7327521d8b80 (patch)
tree	37d11738d2dfcfb9ba174aad716f2b29740674fd /src/lib/libtls
parent	296c22446a2c3bd5088375546bc4afc9b6fda98b (diff)
download	openbsd-e43f72664814b516c70029cf02fd7327521d8b80.tar.gz openbsd-e43f72664814b516c70029cf02fd7327521d8b80.tar.bz2 openbsd-e43f72664814b516c70029cf02fd7327521d8b80.zip

Rewrite legacy TLS unexpected handshake message handling.

Rewrite the code that handles unexpected handshake messages in the legacy TLS stack. Parse the TLS message header up front, then process it based on the message type. Overall the code should be more strict and we should reject various invalid messages that would have previously been accepted. I also reviewed steve's experimental code and fixed the bug that it contained. ok inoguchi@ tb@

Diffstat (limited to 'src/lib/libtls')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: