diff options
author | Matt Caswell <matt@openssl.org> | 2020-06-17 11:34:49 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-06-19 11:25:35 +0100 |
commit | cfbe41ea9138ba5f4fb6f859a72034ba4ddc693f (patch) | |
tree | 025092b89d745b7e4eccaf71907c946c3fa0c486 /ssl/statem | |
parent | 989a85774b63a91ca8d3be558ec7560fdf91fa42 (diff) |
Fix the DTLS1_COOKIE_LENGTH value
The DTLS1_COOKIE_LENGTH value was incorrect in the header files. We
couldn't change it before due to ABI concerns. However 3.0 is not ABI
compatible so we can now fix it.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12179)
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_srvr.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index d3913e1b7d..abffbd6326 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1312,7 +1312,7 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt) if (s->ctx->app_gen_cookie_cb == NULL || s->ctx->app_gen_cookie_cb(s, s->d1->cookie, &cookie_leni) == 0 || - cookie_leni > 255) { + cookie_leni > DTLS1_COOKIE_LENGTH) { SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); return 0; |