diff options
author | David Woodhouse <David.Woodhouse@intel.com> | 2016-07-08 20:47:42 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-08-04 20:56:23 +0100 |
commit | e6027420b7124d6196ccff391063a6626b1fab62 (patch) | |
tree | 3b94144a13fbaaea4f48aa534872df6776912df2 | |
parent | c8a18468caef4d62778381be0acdadc8a88d6e51 (diff) |
Fix ossl_statem_client_max_message_size() for DTLS1_BAD_VER
The Change Cipher Spec message in this ancient pre-standard version of DTLS
that Cisco are unfortunately still using in their products, is 3 bytes.
Allow it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
-rw-r--r-- | ssl/statem/statem_clnt.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 9d4af3ab00..df19211b55 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -589,6 +589,8 @@ unsigned long ossl_statem_client_max_message_size(SSL *s) return SERVER_HELLO_DONE_MAX_LENGTH; case TLS_ST_CR_CHANGE: + if (s->version == DTLS1_BAD_VER) + return 3; return CCS_MAX_LENGTH; case TLS_ST_CR_SESSION_TICKET: |