add missing part for SGC restart fix (CVE-2011-4619)

author Dr. Stephen Henson <steve@openssl.org>

Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)
diff --git a/ssl/ssl3.h b/ssl/ssl3.h

index baaa89e717073dff29eb0b0c123358f54104435c..9c2c41287a5c70e31e82c10049eb4f01feb15f42 100644 (file)
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -379,6 +379,17 @@ typedef struct ssl3_buffer_st
  #define SSL3_FLAGS_POP_BUFFER                  0x0004
  #define TLS1_FLAGS_TLS_PADDING_BUG             0x0008
  #define TLS1_FLAGS_SKIP_CERT_VERIFY            0x0010
+ 
+/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
+ * restart a handshake because of MS SGC and so prevents us
+ * from restarting the handshake in a loop. It's reset on a
+ * renegotiation, so effectively limits the client to one restart
+ * per negotiation. This limits the possibility of a DDoS
+ * attack where the client handshakes in a loop using SGC to
+ * restart. Servers which permit renegotiation can still be
+ * effected, but we can't prevent that.
+ */
+#define SSL3_FLAGS_SGC_RESTART_DONE            0x0040
  
  typedef struct ssl3_state_st
         {
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)