Bug 562434: SSL_ForceHandshake returns SECSuccess if the peer sends us an application data record
authornelson%bolyard.com
Sun, 06 Jun 2010 22:30:02 +0000
changeset 9665 74aeb3ce8e27abf3a223bfe75b39cbda2db91ac3
parent 9664 c74050d27020bcc469eb1e3cb343d18917af914f
child 9666 07c1a7916b3b610f815664432f7d75b193be7683
push idunknown
push userunknown
push dateunknown
bugs562434
Bug 562434: SSL_ForceHandshake returns SECSuccess if the peer sends us an application data record
security/nss/lib/ssl/ssl3con.c
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -9011,17 +9011,21 @@ const ssl3BulkCipherDef *cipher_def;
 	PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
 	return SECFailure;
     }
 
     /* Application data records are processed by the caller of this
     ** function, not by this function.
     */
     if (rType == content_application_data) {
-    	return SECSuccess;
+	if (ss->firstHsDone)
+	    return SECSuccess;
+	(void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
+	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA);
+	return SECFailure;
     }
 
     /* It's a record that must be handled by ssl itself, not the application.
     */
 process_it:
     /* XXX  Get the xmit lock here.  Odds are very high that we'll be xmiting
      * data ang getting the xmit lock here prevents deadlocks.
      */