wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2927 from SparkiDev/tls13_ccs

Browse Source 
In TLS 1.3, don't allow multiple ChangeCipherSpecs in a row
This commit is contained in:
toddouska
2020-04-28 09:52:46 -07:00
committed by GitHub
parent cb6fc56f3b df1b7f34f1
commit a585e4115e
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/internal.c
View File

@@ -15157,6 +15157,7 @@ int ProcessReply(WOLFSSL* ssl)
}
else {
#ifdef WOLFSSL_TLS13
ssl->msgsReceived.got_change_cipher = 0;
ret = DoTls13HandShakeMsg(ssl,
ssl->buffers.inputBuffer.buffer,
&ssl->buffers.inputBuffer.idx,
@@ -15219,6 +15220,13 @@ int ProcessReply(WOLFSSL* ssl)
return UNKNOWN_RECORD_TYPE;
}
ssl->buffers.inputBuffer.idx++;
if (!ssl->msgsReceived.got_change_cipher) {
ssl->msgsReceived.got_change_cipher = 1;
}
else {
SendAlert(ssl, alert_fatal, illegal_parameter);
return UNKNOWN_RECORD_TYPE;
}
break;
}
#endif