The branch OpenSSL_1_0_2-stable has been updated via 15d81749322c3498027105f8ee44e8c25479d475 (commit) from 204fb53895618672120474bac194269c0f837632 (commit)
- Log ----------------------------------------------------------------- commit 15d81749322c3498027105f8ee44e8c25479d475 Author: Matt Caswell <m...@openssl.org> Date: Mon Sep 12 11:04:51 2016 +0100 Abort on unrecognised warning alerts A peer continually sending unrecognised warning alerts could mean that we make no progress on a connection. We should abort rather than continuing if we receive an unrecognised warning alert. Thanks to Shi Lei for reporting this issue. Reviewed-by: Rich Salz <rs...@openssl.org> ----------------------------------------------------------------------- Summary of changes: ssl/s3_pkt.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index df124cf..91f0c58 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1462,8 +1462,13 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } #ifdef SSL_AD_MISSING_SRP_USERNAME else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME) - return (0); + return 0; #endif + else { + al = SSL_AD_HANDSHAKE_FAILURE; + SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE); + goto f_err; + } } else if (alert_level == SSL3_AL_FATAL) { char tmp[16]; _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits