Be more strict about rejecting pre-handshake data in 0.2.2
|Reported by:||nickm||Owned by:|
In 0.2.2, while in state OR_CONN_STATE_TLS_SERVER_RENEGOTIATING, if we get any data we just let it sit in the inbuf. We should instead close the connection if the data arrives before the handshake, since this is either a failed attempt at a v3 handshake, or an attempt to bloat our buffer and make us waste ram.
On 0.2.3, this fix isn't necessary, since any data arriving will get treated as an attempt at a v3 handshake.
Found by pseudnymous user on IRC.
Change History (12)
comment:10 Changed 5 years ago by nickm
- Resolution set to fixed
- Status changed from needs_review to closed