Skip to content
Commit 249a3e36 authored by Emilia Kasper's avatar Emilia Kasper
Browse files

Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset


once the ChangeCipherSpec message is received. Previously, the server would
set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED.
This would allow a second CCS to arrive and would corrupt the server state.

(Because the first CCS would latch the correct keys and subsequent CCS
messages would have to be encrypted, a MitM attacker cannot exploit this,
though.)

Thanks to Joeri de Ruiter for reporting this issue.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(cherry picked from commit e94a6c0e)

Conflicts:
	CHANGES
	ssl/s3_srvr.c
parent 15d717f5
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment