Revision - 41d049e - Return errors even if the cookie validation has succeeded

Revision 41d049e1cda0e23ad45fbca94fc90cfe9cfee466 authored by Matt Caswell on 30 November 2015, 10:38:54 UTC, committed by Matt Caswell on 30 November 2015, 10:51:43 UTC

Return errors even if the cookie validation has succeeded

In the DTLS ClientHello processing the return value is stored in |ret| which
by default is -1. We wish to return 1 on success or 2 on success *and* we
have validated the DTLS cookie. Previously on successful validation of the
cookie we were setting |ret| to 2. Unfortunately if we later encounter an
error then we can end up returning a successful (positive) return code from
the function because we already set |ret| to a positive value.

This does not appear to have a security consequence because the handshake
just fails at a later point.

Reviewed-by: Andy Polyakov <appro@openssl.org>

1 parent 98b9454

Files
Changes

Permalinks

FAQ

The FAQ is now maintained on the web:
        https://www.openssl.org/docs/faq.html

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...