diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-07-04 11:38:40 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-07-04 11:38:40 +0000 |
commit | baacd8d4e5d1f1a2d6e34e725b3975dcef595414 (patch) | |
tree | d343c8f05da0de3cace25e5117597ecf2c966e7e /ssl | |
parent | 6c495bdb5d7c05a7a67a74ddde76d39e94a886d9 (diff) |
PR: 1981
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS record header bugfix.
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/d1_pkt.c | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 35e83d8b52..a9404492dd 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -586,26 +586,27 @@ again: { if (version != s->version) { - SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - /* Send back error using their - * version number :-) */ - s->version=version; - al=SSL_AD_PROTOCOL_VERSION; - goto f_err; + /* unexpected version, silently discard */ + rr->length = 0; + s->packet_length = 0; + goto again; } } if ((version & 0xff00) != (s->version & 0xff00)) { - SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - goto err; + /* wrong version, silently discard record */ + rr->length = 0; + s->packet_length = 0; + goto again; } if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { - al=SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG); - goto f_err; + /* record too long, silently discard it */ + rr->length = 0; + s->packet_length = 0; + goto again; } /* now s->rstate == SSL_ST_READ_BODY */ |