diff options
author | Matt Caswell <matt@openssl.org> | 2019-04-19 13:55:08 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-04-25 13:02:52 +0100 |
commit | 3119ab3c9e6d211c461a245f3744893e17b6c193 (patch) | |
tree | 99a781f839179e54285825a931524d5f4fcc8d56 /ssl | |
parent | 8450d0c784f8cec58e1b41c79fb3836b9f2acd5e (diff) |
Fix error in BIO_get_ktls_send() and BIO_get_ktls_recv()
If we were using a different type of BIO than a socket BIO then
BIO_get_ktls_send() and BIO_get_ktls_recv() could return the wrong
result.
The above occurred even if KTLS was disabled at compile time - so we should
additionally ensure that those macros do nothing if KTLS is disabled.
Finally we make the logic in ssl3_get_record() a little more robust when
KTLS has been disabled.
[extended tests]
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8793)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/ssl3_record.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 24694b3ffa..f758f17dc2 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -211,9 +211,9 @@ int ssl3_get_record(SSL *s) SSL3_BUFFER_get_len(rbuf), 0, num_recs == 0 ? 1 : 0, &n); if (rret <= 0) { +#ifndef OPENSSL_NO_KTLS if (!BIO_get_ktls_recv(s->rbio)) return rret; /* error or non-blocking */ -#ifndef OPENSSL_NO_KTLS switch (errno) { case EBADMSG: SSLfatal(s, SSL_AD_BAD_RECORD_MAC, @@ -233,8 +233,8 @@ int ssl3_get_record(SSL *s) default: break; } - return rret; #endif + return rret; } RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_BODY); |