Disallow Message sequence number 2 in DTLSv1_listen
authorJoshua Rogers <MegaManSec@users.noreply.github.com>
Wed, 8 Oct 2025 07:31:18 +0000 (15:31 +0800)
committerTomas Mraz <tomas@openssl.org>
Fri, 17 Oct 2025 16:59:47 +0000 (18:59 +0200)
Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28788)

(cherry picked from commit dc242b16954552c7589a6c2ea829c2a888878f27)

ssl/d1_lib.c

index 29b6b04467fdf5db61191277b8a502405a3126d7..d10814bc76d711682db5cd2319eca94b17c9b8f7 100644 (file)
@@ -571,7 +571,7 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client)
         }
 
         /* Message sequence number can only be 0 or 1 */
-        if (msgseq > 2) {
+        if (msgseq > 1) {
             ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SEQUENCE_NUMBER);
             goto end;
         }
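Review bot: The comment above the `msgseq > 1` check states the limit but not where it comes from, which makes the bound easy to get wrong again; I would spell out the reason, e.g. `/* Only a ClientHello is handled here: message_seq is 0 for the initial one, 1 for the one sent after HelloVerifyRequest */` (wording to be confirmed against the surrounding code, which is not visible here). This page shows only the ssl/d1_lib.c change, so if no test accompanies it elsewhere, a regression case that feeds DTLSv1_listen a ClientHello with message sequence number 2 and expects SSL_R_INVALID_SEQUENCE_NUMBER would pin the boundary. DTLSv1_listen's body starts and ends outside the hunk.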