authorDavid Woodhouse <David.Woodhouse@intel.com>2016-07-08 20:47:42 +0100
committerMatt Caswell <matt@openssl.org>2016-08-04 20:56:23 +0100
commite6027420b7124d6196ccff391063a6626b1fab62 (patch)
tree3b94144a13fbaaea4f48aa534872df6776912df2
parentc8a18468caef4d62778381be0acdadc8a88d6e51 (diff)
Fix ossl_statem_client_max_message_size() for DTLS1_BAD_VER
The Change Cipher Spec message in this ancient pre-standard version of DTLS that Cisco are unfortunately still using in their products, is 3 bytes. Allow it. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-rw-r--r--ssl/statem/statem_clnt.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 9d4af3ab00..df19211b55 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -589,6 +589,8 @@ unsigned long ossl_statem_client_max_message_size(SSL *s)
return SERVER_HELLO_DONE_MAX_LENGTH;
case TLS_ST_CR_CHANGE:
+ if (s->version == DTLS1_BAD_VER)
+ return 3;
return CCS_MAX_LENGTH;
case TLS_ST_CR_SESSION_TICKET:
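Review bot: The bare `return 3;` in the new `TLS_ST_CR_CHANGE` branch is an unexplained length bound sitting right above the named `CCS_MAX_LENGTH`, so a reader auditing message-size limits cannot tell where the value comes from without the commit message. I would add a comment on the branch, for example `/* Pre-standard DTLS (DTLS1_BAD_VER) sends a 3-byte Change Cipher Spec */`, or give the value a name alongside `CCS_MAX_LENGTH`. This function only raises the upper bound for that version. It is worth confirming that the code which processes the Change Cipher Spec body still checks the exact length expected for `DTLS1_BAD_VER`, which is not visible in this hunk. The switch begins and continues outside the hunk, so other states that might need the same version check cannot be judged from here.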