diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 18:52:18 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 18:52:18 +0000 |
commit | 21c4b259598efe3ea8c834c1568e8b762be120c4 (patch) | |
tree | d3699bb0651684b955720bcf9f132c69e79bc6a2 /ssl/ssl3.h | |
parent | 41cf2c3aefcfb892896c3b5be3a56474d46dde14 (diff) |
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Diffstat (limited to 'ssl/ssl3.h')
-rw-r--r-- | ssl/ssl3.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 2f579c253b..b9a85effa0 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -333,6 +333,17 @@ typedef struct ssl3_buffer_st #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 #define SSL3_FLAGS_POP_BUFFER 0x0004 #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 + +/* SSL3_FLAGS_SGC_RESTART_DONE is set when we + * restart a handshake because of MS SGC and so prevents us + * from restarting the handshake in a loop. It's reset on a + * renegotiation, so effectively limits the client to one restart + * per negotiation. This limits the possibility of a DDoS + * attack where the client handshakes in a loop using SGC to + * restart. Servers which permit renegotiation can still be + * effected, but we can't prevent that. + */ +#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 typedef struct ssl3_state_st { |