diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-08-26 11:51:57 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-08-26 11:51:57 +0000 |
commit | 480b9e5d29235d0dcfdfae415dc26814a7da511d (patch) | |
tree | 023c563f9c8151bc0f8172fd8e0305cd36465304 /ssl/d1_pkt.c | |
parent | 19c5314f282edf41891fffc449e544ae7b447968 (diff) |
PR: 2006
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
Diffstat (limited to 'ssl/d1_pkt.c')
-rw-r--r-- | ssl/d1_pkt.c | 67 |
1 files changed, 8 insertions, 59 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 0664636b52..355d5ed9cd 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -1257,7 +1257,6 @@ err: int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) { - unsigned int n,tot; int i; if (SSL_in_init(s) && !s->in_handshake) @@ -1271,31 +1270,14 @@ dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) } } - tot = s->s3->wnum; - n = len - tot; - - while( n) + if (len > SSL3_RT_MAX_PLAIN_LENGTH) { - /* dtls1_write_bytes sends one record at a time, sized according to - * the currently known MTU */ - i = dtls1_write_bytes(s, type, buf_, len); - if (i <= 0) return i; - - if ((i == (int)n) || - (type == SSL3_RT_APPLICATION_DATA && - (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) - { - /* next chunk of data should get another prepended empty fragment - * in ciphersuites with known-IV weakness: */ - s->s3->empty_fragment_done = 0; - return tot+i; - } - - tot += i; - n-=i; + SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,SSL_R_DTLS_MESSAGE_TOO_BIG); + return -1; } - return tot; + i = dtls1_write_bytes(s, type, buf_, len); + return i; } @@ -1336,46 +1318,13 @@ have_handshake_fragment(SSL *s, int type, unsigned char *buf, /* Call this to write data in records of type 'type' * It will return <= 0 if not all data has been sent or non-blocking IO. */ -int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len) +int dtls1_write_bytes(SSL *s, int type, const void *buf, int len) { - const unsigned char *buf=buf_; - unsigned int tot,n,nw; int i; - unsigned int mtu; + OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH); s->rwstate=SSL_NOTHING; - tot=s->s3->wnum; - - n=(len-tot); - - /* handshake layer figures out MTU for itself, but data records - * are also sent through this interface, so need to figure out MTU */ -#if 0 - mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_MTU, 0, NULL); - mtu += DTLS1_HM_HEADER_LENGTH; /* HM already inserted */ -#endif - mtu = s->d1->mtu; - - if (mtu > SSL3_RT_MAX_PLAIN_LENGTH) - mtu = SSL3_RT_MAX_PLAIN_LENGTH; - - if (n > mtu) - nw=mtu; - else - nw=n; - - i=do_dtls1_write(s, type, &(buf[tot]), nw, 0); - if (i <= 0) - { - s->s3->wnum=tot; - return i; - } - - if ( (int)s->s3->wnum + i == len) - s->s3->wnum = 0; - else - s->s3->wnum += i; - + i=do_dtls1_write(s, type, buf, len, 0); return i; } |