Submitted by: Brad Spencer <spencer@jacknife.org>

Reviewed by: steve
author: Dr. Stephen Henson <steve@openssl.org> 2006-09-23 17:29:49 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2006-09-23 17:29:49 +0000
commit: 89c9c6673688e7b954a1c3ef71f129c857a7db19 (patch)
tree: c7aae2388131102a16909c8620b361f59e9ae657 /ssl/d1_pkt.c
parent: 347ed3b93c560af5ab6582425c250f486bf685bf (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 5c7fcd124e..0b099325e1 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -837,8 +837,14 @@ start:
 			dest = s->d1->alert_fragment;
 			dest_len = &s->d1->alert_fragment_len;
 			}
-		else	/* else it's a CCS message */
-			OPENSSL_assert(rr->type == SSL3_RT_CHANGE_CIPHER_SPEC);
+                /* else it's a CCS message, or it's wrong */
+                else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC)
+                        {
+                          /* Not certain if this is the right error handling */
+                          al=SSL_AD_UNEXPECTED_MESSAGE;
+                          SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+                          goto f_err;
+                        }
 
 
 		if (dest_maxlen > 0)
author	Dr. Stephen Henson <steve@openssl.org>	2006-09-23 17:29:49 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2006-09-23 17:29:49 +0000
commit	89c9c6673688e7b954a1c3ef71f129c857a7db19 (patch)
tree	c7aae2388131102a16909c8620b361f59e9ae657 /ssl/d1_pkt.c
parent	347ed3b93c560af5ab6582425c250f486bf685bf (diff)