summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2012-01-05 00:23:31 +0000
committerDr. Stephen Henson <steve@openssl.org>2012-01-05 00:23:31 +0000
commit166dea6ac8495719983ab241170793584e3ece8c (patch)
tree27313bcfb95f4501acc961f57b9cba2647553c7a
parent52bef4d67724ee826512dd6cd22d0d82a3c83945 (diff)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve Send fatal alert if heartbeat extension has an illegal value.
Diffstat
-rw-r--r--ssl/t1_lib.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4734c37e0a..1a46d891c0 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -825,6 +825,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
*(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
else
*(ret++) = SSL_TLSEXT_HB_ENABLED;
+
}
#endif
@@ -1282,6 +1283,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
break;
+ default: *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
}
}
#endif
@@ -1553,6 +1556,8 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
break;
+ default: *al = SSL_AD_ILLEGAL_PARAMETER;
+ return 0;
}
}
#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-23 11:09:28 +0000