diff options
author | Matt Caswell <matt@openssl.org> | 2017-03-07 09:58:27 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-03-08 11:03:37 +0000 |
commit | 4f7b76bf0f255c0a04eb3e47361a00b19f16120d (patch) | |
tree | 709bfd30bb385728c86c14ca4eb38ea4cf84d2bf /ssl/record | |
parent | 75e314f2d573d4f984ff6a371be7a4966bf5f4c5 (diff) |
Fix no-comp
The value of SSL3_RT_MAX_ENCRYPTED_LENGTH normally includes the compression
overhead (even if no compression is negotiated for a connection). Except in
a build where no-comp is used the value of SSL3_RT_MAX_ENCRYPTED_LENGTH does
not include the compression overhead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2872)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/ssl3_record.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 1e281fc19f..211de55e09 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -349,8 +349,14 @@ int ssl3_get_record(SSL *s) } else { size_t len = SSL3_RT_MAX_ENCRYPTED_LENGTH; +#ifndef OPENSSL_NO_COMP + /* + * If OPENSSL_NO_COMP is defined then SSL3_RT_MAX_ENCRYPTED_LENGTH + * does not include the compression overhead anyway. + */ if (s->expand == NULL) len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD; +#endif if (thisrr->length > len) { al = SSL_AD_RECORD_OVERFLOW; |