diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-09-02 12:53:32 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-09-02 12:53:32 +0000 |
commit | f18e10253d1a700a6cf9c713d6719be4b2751088 (patch) | |
tree | 8c7c6417cc13dbe9c7893eac321918823fad0aa3 /ssl/s3_both.c | |
parent | c9add317a9d9889312f7d6008f0944fb881bd070 (diff) |
PR: 2022
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS record header length bug.
Diffstat (limited to 'ssl/s3_both.c')
-rw-r--r-- | ssl/s3_both.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/ssl/s3_both.c b/ssl/s3_both.c index f68b6a9ebd..d757c4dd58 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -666,7 +666,12 @@ freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem) int ssl3_setup_read_buffer(SSL *s) { unsigned char *p; - size_t len,align=0; + size_t len,align=0,headerlen; + + if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) + headerlen = DTLS1_RT_HEADER_LENGTH; + else + headerlen = SSL3_RT_HEADER_LENGTH; #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1); @@ -676,7 +681,7 @@ int ssl3_setup_read_buffer(SSL *s) { len = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_ENCRYPTED_OVERHEAD - + SSL3_RT_HEADER_LENGTH + align; + + headerlen + align; if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) { s->s3->init_extra = 1; @@ -703,7 +708,12 @@ err: int ssl3_setup_write_buffer(SSL *s) { unsigned char *p; - size_t len,align=0; + size_t len,align=0,headerlen; + + if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) + headerlen = DTLS1_RT_HEADER_LENGTH + 1; + else + headerlen = SSL3_RT_HEADER_LENGTH; #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 align = (-SSL3_RT_HEADER_LENGTH)&(SSL3_ALIGN_PAYLOAD-1); @@ -713,13 +723,13 @@ int ssl3_setup_write_buffer(SSL *s) { len = s->max_send_fragment + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD - + SSL3_RT_HEADER_LENGTH + align; + + headerlen + align; #ifndef OPENSSL_NO_COMP if (!(s->options & SSL_OP_NO_COMPRESSION)) len += SSL3_RT_MAX_COMPRESSED_OVERHEAD; #endif if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) - len += SSL3_RT_HEADER_LENGTH + align + len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; if ((p=freelist_extract(s->ctx, 0, len)) == NULL) |