projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ad69a30) | patch
Fail if an unrecognised record type is received
authorMatt Caswell <matt@openssl.org>
Wed, 2 Nov 2016 22:26:17 +0000 (22:26 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 2 Nov 2016 22:26:17 +0000 (22:26 +0000)
commitf1185392189641014dca94f3fe7834bccb5f4c16
tree6b4b2887b155d80e294cc28b1a4447adeb607389tree | snapshot
parentad69a30323cbc6723c2387d6ce546a51b10c42d0commit | diff
Fail if an unrecognised record type is received

TLS1.0 and TLS1.1 say you SHOULD ignore unrecognised record types, but
TLS 1.2 says you MUST send an unexpected message alert. We swap to the
TLS 1.2 behaviour for all protocol versions to prevent issues where no
progress is being made and the peer continually sends unrecognised record
types, using up resources processing them.

Issue reported by 郭志攀

Reviewed-by: Tim Hudson <tjh@openssl.org>
ssl/s3_pkt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.