Remove create_empty_fragment from do_dtls1_write()

do_dtls1_write() was never called with a value for create_empty_fragment that was ever non-zero - so this is dead code and can be removed. The equivalent code in the TLS processing is used for TLS1.0/SSLv3 to protect against known IV weaknesses because those protocol versions do not have an explicit IV. However DTLS1.0 is based on TLSv1.1 and *does* have an explicit IV - so this is not useful there. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19424)
author: Matt Caswell <matt@openssl.org> 2022-10-06 13:18:43 +0100
committer: Matt Caswell <matt@openssl.org> 2022-10-20 14:39:32 +0100
commit: 22d6e8547f11dae2e4c026be93331e9acfe9b940 (patch)
tree: 35b578f262f1c02c7d2d1810bffd188a52359b42 /ssl/d1_msg.c
parent: 706fc5f6ebd63e1fcd18d4764248206ab3c18a0a (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c
index 1bb7974311..279435ca03 100644
--- a/ssl/d1_msg.c
+++ b/ssl/d1_msg.c
@@ -54,7 +54,7 @@ int dtls1_dispatch_alert(SSL *ssl)
     *ptr++ = s->s3.send_alert[0];
     *ptr++ = s->s3.send_alert[1];
 
-    i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0, &written);
+    i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), &written);
     if (i <= 0) {
         s->s3.alert_dispatch = 1;
         /* fprintf(stderr, "not done with alert\n"); */
author	Matt Caswell <matt@openssl.org>	2022-10-06 13:18:43 +0100
committer	Matt Caswell <matt@openssl.org>	2022-10-20 14:39:32 +0100
commit	22d6e8547f11dae2e4c026be93331e9acfe9b940 (patch)
tree	35b578f262f1c02c7d2d1810bffd188a52359b42 /ssl/d1_msg.c
parent	706fc5f6ebd63e1fcd18d4764248206ab3c18a0a (diff)