generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

If we really get a situation where the underlying mtu is less than the minimum

Browse Source 
we will support then dtls1_do_write can go into an infinite loop. This commit
fixes that.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit d3d9eef31661633f5b003a9e115c1822f79d1870)
This commit is contained in:
Matt Caswell 2014-12-02 00:16:55 +00:00
parent 1872083ca1
commit 788a5bad17
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/d1_both.c
View File

@ -260,6 +260,7 @@ int dtls1_do_write(SSL *s, int type)
{
int ret;
int curr_mtu;
int retry = 1;
unsigned int len, frag_off, mac_size, blocksize;
if(!dtls1_query_mtu(s))
@ -370,13 +371,15 @@ int dtls1_do_write(SSL *s, int type)
* is fine and wait for an alert to handle the
* retransmit
*/
if ( BIO_ctrl(SSL_get_wbio(s),
if ( retry && BIO_ctrl(SSL_get_wbio(s),
BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 )
{
if(!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
{
if(!dtls1_query_mtu(s))
return -1;
/* Have one more go */
retry = 0;
}
else
return -1;