Tighten up logic around ChangeCipherSpec.
ChangeCipherSpec messages have a defined value. They also may not occur in the middle of a handshake message. The current logic will accept a ChangeCipherSpec with value 2. It also would accept up to three bytes of handshake data before the ChangeCipherSpec which it would discard (because s->init_num gets reset). Instead, require that s->init_num is 0 when a ChangeCipherSpec comes in. RT#4391 Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
parent
46417569
Please register or sign in to comment