DTLS didn't handle alerts correctly.

PR: 1632
author: Andy Polyakov <appro@openssl.org> 2008-09-13 18:24:38 +0000
committer: Andy Polyakov <appro@openssl.org> 2008-09-13 18:24:38 +0000
commit: d493899579429374026bc11c60859d5af9c2a0dc (patch)
tree: 28384a111a8812cbaa11a697ab445d8e9f663a59 /ssl/d1_pkt.c
parent: 492279f6f3acaa5365fbb41e4296f87569e4a8f2 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 2e35db83e6..eb3af232c7 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -850,6 +850,14 @@ start:
              *  may be fragmented--don't always expect dest_maxlen bytes */
 			if ( rr->length < dest_maxlen)
 				{
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+				/*
+				 * for normal alerts rr->length is 2, while
+				 * dest_maxlen is 7 if we were to handle this
+				 * non-existing alert...
+				 */
+				FIX ME
+#endif
 				s->rstate=SSL_ST_READ_HEADER;
 				rr->length = 0;
 				goto start;
@@ -1546,7 +1554,7 @@ int dtls1_dispatch_alert(SSL *s)
 	{
 	int i,j;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
-	unsigned char buf[2 + 2 + 3]; /* alert level + alert desc + message seq +frag_off */
+	unsigned char buf[DTLS1_AL_HEADER_LENGTH];
 	unsigned char *ptr = &buf[0];
 
 	s->s3->alert_dispatch=0;
author	Andy Polyakov <appro@openssl.org>	2008-09-13 18:24:38 +0000
committer	Andy Polyakov <appro@openssl.org>	2008-09-13 18:24:38 +0000
commit	d493899579429374026bc11c60859d5af9c2a0dc (patch)
tree	28384a111a8812cbaa11a697ab445d8e9f663a59 /ssl/d1_pkt.c
parent	492279f6f3acaa5365fbb41e4296f87569e4a8f2 (diff)