diff options
author | Matt Caswell <matt@openssl.org> | 2022-10-06 13:18:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2022-10-20 14:39:32 +0100 |
commit | 22d6e8547f11dae2e4c026be93331e9acfe9b940 (patch) | |
tree | 35b578f262f1c02c7d2d1810bffd188a52359b42 /ssl/d1_msg.c | |
parent | 706fc5f6ebd63e1fcd18d4764248206ab3c18a0a (diff) |
Remove create_empty_fragment from do_dtls1_write()
do_dtls1_write() was never called with a value for create_empty_fragment
that was ever non-zero - so this is dead code and can be removed. The
equivalent code in the TLS processing is used for TLS1.0/SSLv3 to protect
against known IV weaknesses because those protocol versions do not have
an explicit IV. However DTLS1.0 is based on TLSv1.1 and *does* have an
explicit IV - so this is not useful there.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
Diffstat (limited to 'ssl/d1_msg.c')
-rw-r--r-- | ssl/d1_msg.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c index 1bb7974311..279435ca03 100644 --- a/ssl/d1_msg.c +++ b/ssl/d1_msg.c @@ -54,7 +54,7 @@ int dtls1_dispatch_alert(SSL *ssl) *ptr++ = s->s3.send_alert[0]; *ptr++ = s->s3.send_alert[1]; - i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0, &written); + i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), &written); if (i <= 0) { s->s3.alert_dispatch = 1; /* fprintf(stderr, "not done with alert\n"); */ |