diff options
| author | marha <marha@users.sourceforge.net> | 2012-01-27 20:31:28 +0100 |
|---|---|---|
| committer | marha <marha@users.sourceforge.net> | 2012-01-27 20:31:28 +0100 |
| commit | c6a1477b0092762299491d79b3a8cb094c6456da (patch) | |
| tree | 8458d152a6d4cecd8b2d88f3e7e6950128a53fb7 /openssl/ssl/d1_both.c | |
| parent | eb4c088eb71f93b9639f4ff651523d794f1433f7 (diff) | |
| download | vcxsrv-c6a1477b0092762299491d79b3a8cb094c6456da.tar.gz vcxsrv-c6a1477b0092762299491d79b3a8cb094c6456da.tar.bz2 vcxsrv-c6a1477b0092762299491d79b3a8cb094c6456da.zip | |
update to openssl 1.0.0g
Diffstat (limited to 'openssl/ssl/d1_both.c')
| -rw-r--r-- | openssl/ssl/d1_both.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/openssl/ssl/d1_both.c b/openssl/ssl/d1_both.c index 2180c6d4d..9f898d699 100644 --- a/openssl/ssl/d1_both.c +++ b/openssl/ssl/d1_both.c @@ -158,7 +158,6 @@ static unsigned char bitmask_end_values[] = {0xff, 0x01, 0x03, 0x07, 0x0f, 0x1 /* XDTLS: figure out the right values */ static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28}; -static unsigned int dtls1_min_mtu(void); static unsigned int dtls1_guess_mtu(unsigned int curr_mtu); static void dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len); @@ -264,11 +263,10 @@ int dtls1_do_write(SSL *s, int type) return ret; mtu = s->d1->mtu - (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH); } - - OPENSSL_assert(mtu > 0); /* should have something reasonable now */ - #endif + OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu()); /* should have something reasonable now */ + if ( s->init_off == 0 && type == SSL3_RT_HANDSHAKE) OPENSSL_assert(s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); @@ -795,7 +793,13 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok) *ok = 0; return i; } - OPENSSL_assert(i == DTLS1_HM_HEADER_LENGTH); + /* Handshake fails if message header is incomplete */ + if (i != DTLS1_HM_HEADER_LENGTH) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE); + goto f_err; + } /* parse the message fragment header */ dtls1_get_message_header(wire, &msg_hdr); @@ -867,7 +871,12 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok) /* XDTLS: an incorrectly formatted fragment should cause the * handshake to fail */ - OPENSSL_assert(i == (int)frag_len); + if (i != (int)frag_len) + { + al=SSL3_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL3_AD_ILLEGAL_PARAMETER); + goto f_err; + } *ok = 1; @@ -1367,7 +1376,7 @@ dtls1_write_message_header(SSL *s, unsigned char *p) return p; } -static unsigned int +unsigned int dtls1_min_mtu(void) { return (g_probable_mtu[(sizeof(g_probable_mtu) / |