From: Ulf Möller <ulf@openssl.org>
Date: Fri, 28 Dec 2001 17:14:35 +0000 (+0000)
Subject: ssl3_read_bytes bug fix
X-Git-Tag: OpenSSL_0_9_6d-beta1~83^2~20
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=dcbbf83dba6ba03306edf36feb156b478cba69e5;p=openssl

ssl3_read_bytes bug fix

Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo
---

diff --git a/CHANGES b/CHANGES
index d156f600c5..8172ffc633 100644
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,10 @@
          *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
          +) applies to 0.9.7 only
 
+  *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
+     type, we must throw them away by setting rr->length to 0.
+     [D P Chang <dpc@qualys.com>]
+
   -) OpenSSL 0.9.6c released [21 dec 2001]
 
   +) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 3baf6c50a8..ec4b665939 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1087,6 +1087,7 @@ start:
 		/* TLS just ignores unknown message types */
 		if (s->version == TLS1_VERSION)
 			{
+			rr->length = 0;
 			goto start;
 			}
 #endif