Skip to content
  • Emilia Kasper's avatar
    Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset · e94a6c0e
    Emilia Kasper authored
    
    once the ChangeCipherSpec message is received. Previously, the server would
    set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED.
    This would allow a second CCS to arrive and would corrupt the server state.
    
    (Because the first CCS would latch the correct keys and subsequent CCS
    messages would have to be encrypted, a MitM attacker cannot exploit this,
    though.)
    
    Thanks to Joeri de Ruiter for reporting this issue.
    
    Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
    e94a6c0e
To find the state of this project's repository at the time of any of these versions, check out the tags.