diff options
| author |   sthen <sthen@openbsd.org> | 2021-03-21 18:13:59 +0000 |
|---|---|---|
| committer | sthen <sthen@openbsd.org> | 2021-03-21 18:13:59 +0000 |
| commit | 1507f9071270bfba00c7a3f5c192590e1442b199 (patch) | |
| tree | 43ac034874e64776b8211ecf3cf0687bddce6978 /lib/libssl/tls13_client.c | |
| parent | Split TLSv1.3 record protection from record layer. (diff) | |
| download | wireguard-openbsd-1507f9071270bfba00c7a3f5c192590e1442b199.tar.xz wireguard-openbsd-1507f9071270bfba00c7a3f5c192590e1442b199.zip | |
wg(4): fix race between tx/rx handshakes, from Matt Dunwoodie, ok mpi@
"There is a race between sending/receiving handshake packets. This
occurs if we consume an initiation, then send an initiation prior to
replying to the consumed initiation.
In particular, when consuming an initiation, we don't generate the
index until creating the response (which is incorrect). If we attempt
to create an initiation between these processes, we drop any
outstanding handshake which in this case has index 0 as set when
consuming the initiation.
The fix attached is to generate the index when consuming the initiation
so that any spurious initiation creation can drop a valid index. The
patch also consolidates setting fields on the handshake."
Diffstat (limited to 'lib/libssl/tls13_client.c')
0 files changed, 0 insertions, 0 deletions