PR: 2022

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Fix DTLS record header length bug.
2009-09-04 16:42:17 +00:00 · 2009-09-04 16:42:17 +00:00 · e8cce0babe
commit e8cce0babe
parent 11d655ef40
1 changed files with 7 additions and 2 deletions
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@ -587,9 +587,14 @@ int ssl_verify_alarm_type(long type)
 int ssl3_setup_buffers(SSL *s)
 	{
 	unsigned char *p;
-	unsigned int extra;
+	unsigned int extra,headerlen;
 	size_t len;

+	if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+		headerlen = DTLS1_RT_HEADER_LENGTH;
+	else
+		headerlen = SSL3_RT_HEADER_LENGTH;
+
 	if (s->s3->rbuf.buf == NULL)
 		{
 		if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
@ -606,7 +611,7 @@ int ssl3_setup_buffers(SSL *s)
 	if (s->s3->wbuf.buf == NULL)
 		{
 		len = SSL3_RT_MAX_PACKET_SIZE;
-		len += SSL3_RT_HEADER_LENGTH + 256; /* extra space for empty fragment */
+		len += headerlen + 256; /* extra space for empty fragment */
 		if ((p=OPENSSL_malloc(len)) == NULL)
 			goto err;
 		s->s3->wbuf.buf = p;