Fix renegotiation at incorrect times in DTLS Fix an incorrect condition in ssl_check_ctr_renegotiate() that compared 64 bits of record counter instead of 48 bits as described in RFC 6347 Section 4.3.1. This would cause the function's return value to be occasionally incorrect and the renegotiation routines to be triggered at unexpected times.

commit: 2196c7f81cf9b7903def3c7d34d0bcfc11cf286e [log] [tgz]
author: Andres AG <andres.amayagarcia@arm.com> Thu Dec 15 17:01:16 2016 +0000
committer: Simon Butcher <simon.butcher@arm.com> Wed Feb 15 23:26:35 2017 +0200
tree: 0dbba82660bdf627f5c144103deec317dd2ec73a
parent: 747fceb78536d0e205085e04e5f4aa5158e702b5 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index eb729a3..9fcebc7 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -8,6 +8,11 @@
    * Fix unused variable/function compilation warnings in pem.c, x509_crt.c and
      x509_csr.c that are reported when building mbed TLS with a config.h that
      does not define MBEDTLS_PEM_PARSE_C. #562
+   * Fix incorrect renegotiation condition in ssl_check_ctr_renegotiate() that
+     would compare 64 bits of the record counter instead of 48 bits as indicated
+     in RFC 6347 Section 4.3.1. This could cause the execution of the
+     renegotiation routines at unexpected times when the protocol is DTLS. Found
+     by wariua. #687
    * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
      the input string in PEM format to extract the different components. Found
      by Eyal Itkin.
commit	2196c7f81cf9b7903def3c7d34d0bcfc11cf286e	[log] [tgz]
author	Andres AG <andres.amayagarcia@arm.com>	Thu Dec 15 17:01:16 2016 +0000
committer	Simon Butcher <simon.butcher@arm.com>	Wed Feb 15 23:26:35 2017 +0200
tree	0dbba82660bdf627f5c144103deec317dd2ec73a
parent	747fceb78536d0e205085e04e5f4aa5158e702b5 [diff] [blame]