Fix SSL_pending() for DTLS

DTLS was not correctly returning the number of pending bytes left in a call to SSL_pending(). This makes the detection of truncated packets almost impossible. Fixes #5478 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6021)
author: Matt Caswell <matt@openssl.org> 2018-04-19 16:42:39 +0100
committer: Matt Caswell <matt@openssl.org> 2018-04-20 11:56:30 +0100
commit: 71d52f1a8ebdf1d26b6b53e4e1f85f2ff1b0d9b8 (patch)
tree: c094cfcfdd1d4feec6b73cd5b49bf064fe19f268 /ssl
parent: f55e2fa7b9d4692b31ad7ad72e71915e853de384 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index b3ff5f1fbf..c753a54a22 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -423,6 +423,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
     /* get new packet if necessary */
     if ((SSL3_RECORD_get_length(rr) == 0)
         || (s->rlayer.rstate == SSL_ST_READ_BODY)) {
+        RECORD_LAYER_set_numrpipes(&s->rlayer, 0);
         ret = dtls1_get_record(s);
         if (ret <= 0) {
             ret = dtls1_read_failed(s, ret);
@@ -432,6 +433,7 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
             else
                 goto start;
         }
+        RECORD_LAYER_set_numrpipes(&s->rlayer, 1);
     }
 
     /*
author	Matt Caswell <matt@openssl.org>	2018-04-19 16:42:39 +0100
committer	Matt Caswell <matt@openssl.org>	2018-04-20 11:56:30 +0100
commit	71d52f1a8ebdf1d26b6b53e4e1f85f2ff1b0d9b8 (patch)
tree	c094cfcfdd1d4feec6b73cd5b49bf064fe19f268 /ssl
parent	f55e2fa7b9d4692b31ad7ad72e71915e853de384 (diff)