git.ipfire.org Git - thirdparty/openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Mon, 9 Mar 2015 16:09:04 +0000 (16:09 +0000)
committer	Matt Caswell <matt@openssl.org>
	Tue, 2 Jun 2015 08:17:21 +0000 (09:17 +0100)
commit	113d36a3fb4c157242fa995d0cdfe7e36107fba6
tree	35e2d837714c184a3ff8cfcc82fb16f1997a0568	tree \| snapshot
parent	f16093d2d6a61ae8b14e4b337b3c33e1900791f1	commit \| diff

Clear state in DTLSv1_listen

This is a backport of commit e83ee04bb7de800cdb71d522fa562e99328003a3 from
the master branch (and this has also been applied to 1.0.2). In 1.0.2 this
was CVE-2015-0207. For other branches there is no known security issue, but
this is being backported as a precautionary measure.

The DTLSv1_listen function is intended to be stateless and processes
the initial ClientHello from many peers. It is common for user code to
loop over the call to DTLSv1_listen until a valid ClientHello is received
with an associated cookie. A defect in the implementation of DTLSv1_listen
means that state is preserved in the SSL object from one invokation to the
next.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit cce3e4adb78a8d3eeb6e0e4efe332fcc5d75f615)