]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 52bef4d)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
authorDr. Stephen Henson <steve@openssl.org>
Thu, 5 Jan 2012 00:23:31 +0000 (00:23 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 5 Jan 2012 00:23:31 +0000 (00:23 +0000)
Reviewed by: steve

Send fatal alert if heartbeat extension has an illegal value.

ssl/t1_lib.c patch | blob | history

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4734c37e0a02d90665a8ccd21f786b1a85d34b2e..1a46d891c0e2b41b7cf449b76b431b2864ffc11f 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -825,6 +825,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
                        *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
                else
                        *(ret++) = SSL_TLSEXT_HB_ENABLED;
+
                }
 #endif
 
@@ -1282,6 +1283,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
                                                        s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
                                                        s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
                                                        break;
+                               default:        *al = SSL_AD_ILLEGAL_PARAMETER;
+                                                       return 0;
                                }
                        }
 #endif
@@ -1553,6 +1556,8 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
                                                        s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
                                                        s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
                                                        break;
+                               default:        *al = SSL_AD_ILLEGAL_PARAMETER;
+                                                       return 0;
                                }
                        }
 #endif
Unnamed repository; edit this file 'description' to name the repository.