Overview

File 4512-ssl-Enhance-cookie-error-handling.patch of Package erlang

From ba19479ec4951d46128ac0e96d2717e459336980 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 16 Jul 2021 14:24:03 +0200
Subject: [PATCH 2/6] ssl: Enhance cookie error handling

"Catch all" to handle partially corrupt data
---
 lib/ssl/src/tls_handshake_1_3.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/ssl/src/tls_handshake_1_3.erl b/lib/ssl/src/tls_handshake_1_3.erl
index 950d694b12..4f329ba8f8 100644
--- a/lib/ssl/src/tls_handshake_1_3.erl
+++ b/lib/ssl/src/tls_handshake_1_3.erl
@@ -170,7 +170,9 @@ validate_cookie(Cookie0, #state{ssl_options = #{cookie := true},
             ok;
         false ->
             {error, ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER)}
-    end.
+    end;
+validate_cookie(_,_) ->
+    {error, ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER)}.
 
 encrypted_extensions(#state{handshake_env = HandshakeEnv}) ->
     E0 = #{},
-- 
2.26.2
openSUSE Build Service is sponsored by
Places