From: Ulf Möller Date: Fri, 28 Dec 2001 17:14:35 +0000 (+0000) Subject: ssl3_read_bytes bug fix X-Git-Tag: OpenSSL-engine-0_9_6c^2^2~136 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=dcbbf83dba6ba03306edf36feb156b478cba69e5;p=oweals%2Fopenssl.git ssl3_read_bytes bug fix Submitted by: D P Chang Reviewed by: Bodo --- diff --git a/CHANGES b/CHANGES index d156f600c5..8172ffc633 100644 --- a/CHANGES +++ b/CHANGES @@ -12,6 +12,10 @@ *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 +) applies to 0.9.7 only + *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown + type, we must throw them away by setting rr->length to 0. + [D P Chang ] + -) OpenSSL 0.9.6c released [21 dec 2001] +) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c. diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 3baf6c50a8..ec4b665939 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1087,6 +1087,7 @@ start: /* TLS just ignores unknown message types */ if (s->version == TLS1_VERSION) { + rr->length = 0; goto start; } #endif