Commit d3d9eef3 authored by Matt Caswell's avatar Matt Caswell
Browse files

If we really get a situation where the underlying mtu is less than the minimum 


we will support then dtls1_do_write can go into an infinite loop. This commit
fixes that.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
parent 1620a2e4

ssl/d1_both.c

+4 −1
Original line number Diff line number Diff line
@@ -260,6 +260,7 @@ int dtls1_do_write(SSL *s, int type) 
	{

	int ret;

	int curr_mtu;

	int retry = 1;

	unsigned int len, frag_off, mac_size, blocksize;



	if(!dtls1_query_mtu(s))
@@ -370,13 +371,15 @@ int dtls1_do_write(SSL *s, int type) 
			 * is fine and wait for an alert to handle the

			 * retransmit 

			 */

			if ( BIO_ctrl(SSL_get_wbio(s),

			if ( retry && BIO_ctrl(SSL_get_wbio(s),

				BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 )

				{

				if(!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))

					{

					if(!dtls1_query_mtu(s))

						return -1;

					/* Have one more go */

					retry = 0;

					}

				else

					return -1;