Commit ae3fcdf1 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix DTLS1_BAD_VER regression 



Commit 9cf0f187 in HEAD, and 68039af3 in 1.0.2, removed a version check
from dtls1_buffer_message() which was needed to distinguish between DTLS
1.x and Cisco's pre-standard version of DTLS (DTLS1_BAD_VER).

Based on an original patch by David Woodhouse <dwmw2@infradead.org>
RT#3703

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(cherry picked from commit 5178a16c)
parent d6ca1cee

ssl/d1_both.c

+3 −1
Original line number Diff line number Diff line
@@ -1108,8 +1108,10 @@ int dtls1_buffer_message(SSL *s, int is_ccs) 
    memcpy(frag->fragment, s->init_buf->data, s->init_num);



    if (is_ccs) {

        /* For DTLS1_BAD_VER the header length is non-standard */

        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +

                       DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);

                       ((s->version==DTLS1_BAD_VER)?3:DTLS1_CCS_HEADER_LENGTH)

                       == (unsigned int)s->init_num);

    } else {

        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +

                       DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);