diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-02-11 22:53:48 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-02-11 22:53:48 +0000 |
commit | d40abf1689d6088c50efd7c91812223c601783b4 (patch) | |
tree | 88f1d7e19c93eb484bdec54c7980e5f18a7df6ad /ssl/d1_srtp.c | |
parent | 69e9c69e70a4ef1a9a2d68fdc4ef85b96a5a1800 (diff) |
Submitted by: Eric Rescorla <ekr@rtfm.com>
Further fixes for use_srtp extension.
Diffstat (limited to 'ssl/d1_srtp.c')
-rw-r--r-- | ssl/d1_srtp.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index e9e6f5a67e..928935bd8b 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -406,7 +406,7 @@ int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max { if(p) { - if(maxlen < 3) + if(maxlen < 5) { SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); return 1; @@ -417,11 +417,11 @@ int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_USE_SRTP_NOT_NEGOTIATED); return 1; } - + s2n(2, p); s2n(s->srtp_profile->id,p); *p++ = 0; } - *len=3; + *len=5; return 0; } @@ -431,10 +431,20 @@ int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al { unsigned id; int i; + int ct; + STACK_OF(SRTP_PROTECTION_PROFILE) *clnt; SRTP_PROTECTION_PROFILE *prof; - if(len!=3) + if(len!=5) + { + SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + *al=SSL_AD_DECODE_ERROR; + return 1; + } + + n2s(d, ct); + if(ct!=2) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al=SSL_AD_DECODE_ERROR; |