CVSROOT: /cvs Module name: src Changes by: js...@cvs.openbsd.org 2016/11/03 10:28:36
Modified files:
lib/libssl/src/ssl: Tag: OPENBSD_6_0 s3_pkt.c
Log message:
MFC: In ssl3_read_bytes(), do not process more than three consecutive TLS
records, otherwise a peer can potentially cause us to loop indefinately.
Return with an SSL_ERROR_WANT_READ instead, so that the caller can choose
when they want to handle further processing for this connection.
ok beck@ miod@
