CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2022/03/17 11:28:08
Modified files:
lib/libssl : ssl_pkt.c
Log message:
Rewrite legacy TLS unexpected handshake message handling.
Rewrite the code that handles unexpected handshake messages in the legacy
TLS stack. Parse the TLS message header up front, then process it based on
the message type. Overall the code should be more strict and we should
reject various invalid messages that would have previously been accepted.
I also reviewed steve's experimental code and fixed the bug that it
contained.
ok inoguchi@ tb@
