ssl3_read_bytes bug fix

author Ulf Möller <ulf@openssl.org>

Fri, 28 Dec 2001 17:14:35 +0000 (17:14 +0000)

committer Ulf Möller <ulf@openssl.org>

Fri, 28 Dec 2001 17:14:35 +0000 (17:14 +0000)
author Ulf Möller <ulf@openssl.org>
Fri, 28 Dec 2001 17:14:35 +0000 (17:14 +0000)
committer Ulf Möller <ulf@openssl.org>
Fri, 28 Dec 2001 17:14:35 +0000 (17:14 +0000)
diff --git a/CHANGES b/CHANGES

index d156f600c51386b55d9228bde34c4ac9be7c5fd4..8172ffc63328278e76337a473a56b050fd6675cf 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,10 @@
           *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
           +) applies to 0.9.7 only
  
+  *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
+     type, we must throw them away by setting rr->length to 0.
+     [D P Chang <dpc@qualys.com>]
+
    -) OpenSSL 0.9.6c released [21 dec 2001]
  
    +) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c

index 3baf6c50a8631a8f9eaff19b89050e90dcfe21f2..ec4b665939f935b771b64fa8104ac5a9f16948d5 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1087,6 +1087,7 @@ start:
                 /* TLS just ignores unknown message types */
                 if (s->version == TLS1_VERSION)
                         {
+                       rr->length = 0;
                         goto start;
                         }
  #endif
author	Ulf Möller <ulf@openssl.org>
	Fri, 28 Dec 2001 17:14:35 +0000 (17:14 +0000)
committer	Ulf Möller <ulf@openssl.org>
	Fri, 28 Dec 2001 17:14:35 +0000 (17:14 +0000)
CHANGES		patch \| blob \| history
ssl/s3_pkt.c		patch \| blob \| history