diff options
| author |   beck <beck@openbsd.org> | 2017-01-26 07:20:57 +0000 |
|---|---|---|
| committer | beck <beck@openbsd.org> | 2017-01-26 07:20:57 +0000 |
| commit | b6a22251c682d552b63a81313d2b68136a97bc45 (patch) | |
| tree | e8ba8a41c3024e11f630231e7168b64376dbb9f8 /lib/libssl/ssl_err.c | |
| parent | Refactor the code to generate a WANT_READ into a function, as we are (diff) | |
| download | wireguard-openbsd-b6a22251c682d552b63a81313d2b68136a97bc45.tar.xz wireguard-openbsd-b6a22251c682d552b63a81313d2b68136a97bc45.zip | |
Limit the number of sequential empty records that we will process
before yielding, and fail if we exceed a maximum. loosely based
on what boring and openssl are doing
ok jsing@
Diffstat (limited to 'lib/libssl/ssl_err.c')
| -rw-r--r-- | lib/libssl/ssl_err.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/libssl/ssl_err.c b/lib/libssl/ssl_err.c index 04742b60ca2..efe3e9473f1 100644 --- a/lib/libssl/ssl_err.c +++ b/lib/libssl/ssl_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_err.c,v 1.29 2015/02/22 15:54:27 jsing Exp $ */ +/* $OpenBSD: ssl_err.c,v 1.30 2017/01/26 07:20:57 beck Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -597,6 +597,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= { {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) , "wrong version number"}, {ERR_REASON(SSL_R_X509_LIB) , "x509 lib"}, {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"}, + {ERR_REASON(SSL_R_PEER_BEHAVING_BADLY) ,"peer is doing strange or hostile things"}, {0, NULL} }; |