Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-07 15:09:28 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix renegotiation at incorrect times in DTLS

Browse source 
Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared
64 bits of record counter instead of 48 bits as described in RFC 6347
Section 4.3.1. This would cause the function's return value to be
occasionally incorrect and the renegotiation routines to be triggered
at unexpected times.
This commit is contained in:
Andres AG 2016-12-15 17:01:16 +00:00
parent 1808dc01bd
commit 18c5c59b5b
3 changed files with 25 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

9
ChangeLog
View file

@ -1,5 +1,14 @@
mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch released xxxx-xx-xx
Bugfix
* Fix incorrect renegotiation condition in ssl_check_ctr_renegotiate() that
would compare 64 bits of the record counter instead of 48 bits as indicated
in RFC 6347 Section 4.3.1. This could cause the execution of the
renegotiation routines at unexpected times when the protocol is DTLS. Found
by wariua. #687
= mbed TLS 2.4.1 branch released 2016-12-13
Changes