projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 15d717f) | patch
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
authorEmilia Kasper <emilia@openssl.org>
Wed, 19 Nov 2014 16:01:36 +0000 (17:01 +0100)
committerEmilia Kasper <emilia@openssl.org>
Thu, 20 Nov 2014 14:32:08 +0000 (15:32 +0100)
commit249a3e362fe406f8bc05cd3e69955a34a080b2b9
tree7075cf5e28831f66415f9a5be9e384fd8f53fa76tree | snapshot
parent15d717f574b2aad393f1f039ca0fbcd1a0886439commit | diff
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
once the ChangeCipherSpec message is received. Previously, the server would
set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED.
This would allow a second CCS to arrive and would corrupt the server state.

(Because the first CCS would latch the correct keys and subsequent CCS
messages would have to be encrypted, a MitM attacker cannot exploit this,
though.)

Thanks to Joeri de Ruiter for reporting this issue.

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit e94a6c0ede623960728415b68650a595e48f5a43)

Conflicts:
CHANGES
ssl/s3_srvr.c
CHANGES diff | blob | history
ssl/d1_clnt.c diff | blob | history
ssl/d1_srvr.c diff | blob | history
ssl/dtls1.h diff | blob | history
ssl/s3_clnt.c diff | blob | history
ssl/s3_srvr.c diff | blob | history
ssl/ssl3.h diff | blob | history
ssl/t1_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.