Change CCS_OK to EXPECT_CCS.

Now that the flag is set accurately, use it to enforce the handshake and CCS synchronization. If EXPECT_CCS is set, enforce that:

(a) No handshake records may be received before ChangeCipherSpec.

(b) There is no pending handshake data at the point EXPECT_CCS is set.

Change-Id: I04b228fe6a7a771cf6600b7d38aa762b2d553f08
Reviewed-on: https://boringssl-review.googlesource.com/1299
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 57d63c8..7f63ce6 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h
@@ -947,6 +947,7 @@ int ssl3_renegotiate(SSL *ssl); int ssl3_renegotiate_check(SSL *ssl); int ssl3_dispatch_alert(SSL *s); +int ssl3_expect_change_cipher_spec(SSL *s); int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,unsigned char *p);
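Review bot: The new prototype `int ssl3_expect_change_cipher_spec(SSL *s);` in ssl/ssl_locl.h is undocumented, and its `int` return carries the security-relevant result. Going by the commit message, this is where condition (b) is enforced (no pending handshake data when EXPECT_CCS is set), so a one-line comment above the declaration should state which return value means failure and that callers must check it and abort the handshake instead of continuing. An ignored return here would set the flag without enforcing the check. The header hunk shows only the declaration, so the call sites need to be reviewed for that check separately.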