PR: 1984
Submitted by: Michael Tüxen <Michael.Tuexen@lurchi.franken.de> Approved by: steve@openssl.org PR#1984 DTLS fix for 0.9.8.
parent
856f3005de
commit
34d01a3b20
2 changed files with 18 additions and 4 deletions
|
@ -517,7 +517,12 @@ again:
|
|||
/* read timeout is handled by dtls1_read_bytes */
|
||||
if (n <= 0) return(n); /* error or non-blocking */
|
||||
|
||||
OPENSSL_assert(s->packet_length == DTLS1_RT_HEADER_LENGTH);
|
||||
/* this packet contained a partial record, dump it */
|
||||
if (s->packet_length != DTLS1_RT_HEADER_LENGTH)
|
||||
{
|
||||
s->packet_length = 0;
|
||||
goto again;
|
||||
}
|
||||
|
||||
s->rstate=SSL_ST_READ_BODY;
|
||||
|
||||
|
|
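Review bot: The comment on the new discard branch says what is done but not why the length can differ, and the visible lines do not show that nothing else from the dropped datagram stays buffered. The number of header bytes available is decided by what the peer put in one datagram, so this is input handling rather than an internal invariant; I would say so in the comment, e.g. `/* short datagram from the peer: not an internal error, drop it silently and read the next one */`. Resetting `s->packet_length` presumably suffices because the read path leaves no remainder after a short read, but that logic sits outside this hunk and should be confirmed. The enclosing function starts before and ends after the hunk, and the file's header line did not survive on this page.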
15
ssl/s3_pkt.c
15
ssl/s3_pkt.c
|
@ -141,9 +141,10 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||
/* ... now we can act as if 'extend' was set */
|
||||
}
|
||||
|
||||
/* extend reads should not span multiple packets for DTLS */
|
||||
if ( SSL_version(s) == DTLS1_VERSION &&
|
||||
extend)
|
||||
/* For DTLS/UDP reads should not span multiple packets
|
||||
* because the read operation returns the whole packet
|
||||
* at once (as long as it fits into the buffer). */
|
||||
if (SSL_version(s) == DTLS1_VERSION)
|
||||
{
|
||||
if ( s->s3->rbuf.left > 0 && n > s->s3->rbuf.left)
|
||||
n = s->s3->rbuf.left;
|
||||
|
@ -209,6 +210,14 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||
return(i);
|
||||
}
|
||||
newb+=i;
|
||||
/* reads should *never* span multiple packets for DTLS because
|
||||
* the underlying transport protocol is message oriented as opposed
|
||||
* to byte oriented as in the TLS case. */
|
||||
if (SSL_version(s) == DTLS1_VERSION)
|
||||
{
|
||||
if (n > newb)
|
||||
n = newb; /* makes the while condition false */
|
||||
}
|
||||
}
|
||||
|
||||
/* done reading, now the book-keeping */
|
||||
|
|
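Review bot: With the clamp added after `newb+=i;` in the second hunk, ssl3_read_n can return fewer bytes than the caller requested on a DTLS connection, and that changed contract is not documented in the visible lines. Every DTLS caller then has to compare the return value with the requested length and drop the datagram on a mismatch; this commit shows that check only for the record-header read, so the record-body read (not on this page) should be confirmed to do the same rather than assume `n` bytes are present. I would extend the new comment with something like `/* NOTE: for DTLS the return value may be < n; callers must treat a short return as a truncated datagram */`. Both clamps also test `SSL_version(s) == DTLS1_VERSION` by exact equality, so a connection using any other DTLS version value the tree defines would skip them, which is worth confirming. The function body starts and ends outside both hunks.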