Skip to content
  1. Jun 10, 2015
  2. Jun 09, 2015
  3. Jun 08, 2015
  4. Jun 07, 2015
  5. Jun 06, 2015
  6. Jun 04, 2015
  7. Jun 03, 2015
  8. Jun 02, 2015
  9. May 31, 2015
    • Matt Caswell's avatar
      Check the message type requested is the type received in DTLS · 8c2b1d87
      Matt Caswell authored
      
      
      dtls1_get_message has an |mt| variable which is the type of the message that
      is being requested. If it is negative then any message type is allowed.
      However the value of |mt| is not checked in one of the main code paths, so a
      peer can send a message of a completely different type and it will be
      processed as if it was the message type that we were expecting. This has
      very little practical consequences because the current behaviour will still
      fail when the format of the message isn't as expected.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      8c2b1d87