diff options
author | Matt Caswell <matt@openssl.org> | 2015-02-05 13:59:16 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-25 12:24:36 +0000 |
commit | 4f9fab6bd0253416eeace5a45142c7c4a83bc511 (patch) | |
tree | 997ccd29bc5d53380f551c9544aa09d9368f4a88 /ssl | |
parent | d5d0a1cb1347d4a8547e78aec56c50c528186e50 (diff) |
Add ticket length before buffering DTLS message
In ssl3_send_new_session_ticket the message to be sent is constructed. We
skip adding the length of the session ticket initially, then call
ssl_set_handshake_header, and finally go back and add in the length of the
ticket. Unfortunately, in DTLS, ssl_set_handshake_header also has the side
effect of buffering the message for subsequent retransmission if required.
By adding the ticket length after the call to ssl_set_handshake_header the
message that is buffered is incomplete, causing an invalid message to be
sent on retransmission.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_srvr.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 0efe3ddc6d..ce52854e0d 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -3431,11 +3431,11 @@ int ssl3_send_newsession_ticket(SSL *s) /* Now write out lengths: p points to end of data written */ /* Total length */ len = p - ssl_handshake_start(s); - if(!ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len)) - goto err; /* Skip ticket lifetime hint */ p = ssl_handshake_start(s) + 4; s2n(len - 6, p); + if(!ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len)) + goto err; s->state = SSL3_ST_SW_SESSION_TICKET_B; OPENSSL_free(senc); } |