Fix no-comp

The value of SSL3_RT_MAX_ENCRYPTED_LENGTH normally includes the compression overhead (even if no compression is negotiated for a connection). Except in a build where no-comp is used the value of SSL3_RT_MAX_ENCRYPTED_LENGTH does not include the compression overhead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2872)
author: Matt Caswell <matt@openssl.org> 2017-03-07 09:58:27 +0000
committer: Matt Caswell <matt@openssl.org> 2017-03-08 11:03:37 +0000
commit: 4f7b76bf0f255c0a04eb3e47361a00b19f16120d (patch)
tree: 709bfd30bb385728c86c14ca4eb38ea4cf84d2bf /ssl/record
parent: 75e314f2d573d4f984ff6a371be7a4966bf5f4c5 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 1e281fc19f..211de55e09 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -349,8 +349,14 @@ int ssl3_get_record(SSL *s)
         } else {
             size_t len = SSL3_RT_MAX_ENCRYPTED_LENGTH;
 
+#ifndef OPENSSL_NO_COMP
+            /*
+             * If OPENSSL_NO_COMP is defined then SSL3_RT_MAX_ENCRYPTED_LENGTH
+             * does not include the compression overhead anyway.
+             */
             if (s->expand == NULL)
                 len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
 
             if (thisrr->length > len) {
                 al = SSL_AD_RECORD_OVERFLOW;
author	Matt Caswell <matt@openssl.org>	2017-03-07 09:58:27 +0000
committer	Matt Caswell <matt@openssl.org>	2017-03-08 11:03:37 +0000
commit	4f7b76bf0f255c0a04eb3e47361a00b19f16120d (patch)
tree	709bfd30bb385728c86c14ca4eb38ea4cf84d2bf /ssl/record
parent	75e314f2d573d4f984ff6a371be7a4966bf5f4c5 (diff)