diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 23:15:51 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-01-04 23:15:51 +0000 |
commit | d0dc991c6228564212ace119440a9ac5f21578bc (patch) | |
tree | f091195930c8ce51c17e2e41e946dcee888c3fae /ssl/ssl3.h | |
parent | 2ec0497f080bc53c99ab895fc0caa7af20b9a02e (diff) | |
download | openssl-d0dc991c6228564212ace119440a9ac5f21578bc.tar.gz |
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Diffstat (limited to 'ssl/ssl3.h')
-rw-r--r-- | ssl/ssl3.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 93f9ead305..91089f3e8e 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -388,6 +388,17 @@ typedef struct ssl3_buffer_st #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 #define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020 + +/* SSL3_FLAGS_SGC_RESTART_DONE is set when we + * restart a handshake because of MS SGC and so prevents us + * from restarting the handshake in a loop. It's reset on a + * renegotiation, so effectively limits the client to one restart + * per negotiation. This limits the possibility of a DDoS + * attack where the client handshakes in a loop using SGC to + * restart. Servers which permit renegotiation can still be + * effected, but we can't prevent that. + */ +#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 #ifndef OPENSSL_NO_SSL_INTERN |