CHANGES · e94a6c0ede623960728415b68650a595e48f5a43 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL · GitLab

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset · e94a6c0e

Emilia Kasper authored Nov 19, 2014


once the ChangeCipherSpec message is received. Previously, the server would
set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED.
This would allow a second CCS to arrive and would corrupt the server state.

(Because the first CCS would latch the correct keys and subsequent CCS
messages would have to be encrypted, a MitM attacker cannot exploit this,
though.)

Thanks to Joeri de Ruiter for reporting this issue.

Reviewed-by: Matt Caswell <matt@openssl.org>

e94a6c0e

To find the state of this project's repository at the time of any of these versions, check out the tags.