Commit e6027420 authored by David Woodhouse's avatar David Woodhouse Committed by Matt Caswell
Browse files

Fix ossl_statem_client_max_message_size() for DTLS1_BAD_VER 



The Change Cipher Spec message in this ancient pre-standard version of DTLS
that Cisco are unfortunately still using in their products, is 3 bytes.

Allow it.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent c8a18468

ssl/statem/statem_clnt.c

+2 −0
Original line number Diff line number Diff line
@@ -589,6 +589,8 @@ unsigned long ossl_statem_client_max_message_size(SSL *s) 
            return SERVER_HELLO_DONE_MAX_LENGTH;



        case TLS_ST_CR_CHANGE:

            if (s->version == DTLS1_BAD_VER)

                return 3;

            return CCS_MAX_LENGTH;



        case TLS_ST_CR_SESSION_TICKET: