CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2016/11/03 10:23:30
Modified files:
lib/libssl : s3_pkt.c
Log message:
In ssl3_read_bytes(), do not process more than three consecutive TLS
records, otherwise a peer can potentially cause us to loop indefinately.
Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose
when they want to handle further processing for this connection.
ok beck@ miod@
