Update from HEAD.

author: Dr. Stephen Henson <steve@openssl.org> 2009-07-04 11:49:36 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-07-04 11:49:36 +0000
commit: b51291cba872db4bf0eb88215ba289760d8b28d4 (patch)
tree: fa8751ec6b0320ac4b51be029e5eecfbab7644f4 /ssl/d1_pkt.c
parent: b29b576957c53ca1eef1525f82dbad8d9a14fca2 (diff)
1 files changed, 12 insertions, 11 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index bc75b537fb..0b740138ce 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -542,27 +542,28 @@ again:
 			{
 			if (version != s->version && version != DTLS1_BAD_VER)
 				{
-				SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-				/* Send back error using their
-				 * version number :-) */
-				s->version=version;
-				al=SSL_AD_PROTOCOL_VERSION;
-				goto f_err;
+				/* unexpected version, silently discard */
+				rr->length = 0;
+				s->packet_length = 0;
+				goto again;
 				}
 			}
 
 		if ((version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
 		    (version & 0xff00) != (DTLS1_BAD_VER & 0xff00))
 			{
-			SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
-			goto err;
+			/* wrong version, silently discard record */
+			rr->length = 0;
+			s->packet_length = 0;
+			goto again;
 			}
 
 		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)
 			{
-			al=SSL_AD_RECORD_OVERFLOW;
-			SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
-			goto f_err;
+			/* record too long, silently discard it */
+			rr->length = 0;
+			s->packet_length = 0;
+			goto again;
 			}
 
 		s->client_version = version;
author	Dr. Stephen Henson <steve@openssl.org>	2009-07-04 11:49:36 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-07-04 11:49:36 +0000
commit	b51291cba872db4bf0eb88215ba289760d8b28d4 (patch)
tree	fa8751ec6b0320ac4b51be029e5eecfbab7644f4 /ssl/d1_pkt.c
parent	b29b576957c53ca1eef1525f82dbad8d9a14fca2 (diff)