Skip to content

Commit

Permalink
Return SSL_AD_UNEXPECTED_MESSAGE alert when receiving any other chang…
Browse files Browse the repository at this point in the history 
…e_cipher_spec value(RFC 8446)

Fixes: openssl#25086

CLA: trivial

Reviewed-by: Tomas Mraz <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
(Merged from openssl#25257)
  • Loading branch information
@ldlb9527 @mattcaswell
ldlb9527 authored and mattcaswell committed Aug 26, 2024
1 parent 91432b9 commit c07a34e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ssl/record/methods/tls_common.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -744,7 +744,7 @@ int tls_get_more_records(OSSL_RECORD_LAYER *rl)
* CCS messages must be exactly 1 byte long, containing the value 0x01
*/
if (thisrr->length != 1 || thisrr->data[0] != 0x01) {
RLAYERfatal(rl, SSL_AD_ILLEGAL_PARAMETER,
RLAYERfatal(rl, SSL_AD_UNEXPECTED_MESSAGE,
SSL_R_INVALID_CCS_MESSAGE);
return OSSL_RECORD_RETURN_FATAL;
}
Expand Down

0 comments on commit c07a34e

Please sign in to comment.