import openssl-0.9.8j

author: djm <> 2009-01-09 12:14:11 +0000
committer: djm <> 2009-01-09 12:14:11 +0000
commit: a0fdc9ec41594852f67ec77dfad9cb06bacc4186 (patch)
tree: c43f6b3a4d93ad2cb3dcf93275295679d895a033 /src/lib/libssl/d1_pkt.c
parent: 5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80 (diff)
download: openbsd-a0fdc9ec41594852f67ec77dfad9cb06bacc4186.tar.gz
openbsd-a0fdc9ec41594852f67ec77dfad9cb06bacc4186.tar.bz2
openbsd-a0fdc9ec41594852f67ec77dfad9cb06bacc4186.zip
1 files changed, 18 insertions, 4 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 377696deac..eb56cf987b 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -597,6 +597,7 @@ again:
        /* check whether this is a repeat, or aged record */
        if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
                {
+                rr->length = 0;
                s->packet_length=0; /* dump this record */
                goto again;     /* get another record */
                }
@@ -811,6 +812,14 @@ start:
             *  may be fragmented--don't always expect dest_maxlen bytes */
                        if ( rr->length < dest_maxlen)
                                {
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+                                /*
+                                 * for normal alerts rr->length is 2, while
+                                 * dest_maxlen is 7 if we were to handle this
+                                 * non-existing alert...
+                                 */
+                                FIX ME
+#endif
                                s->rstate=SSL_ST_READ_HEADER;
                                rr->length = 0;
                                goto start;
@@ -1251,7 +1260,7 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len)
        else 
                s->s3->wnum += i;
-        return tot + i;
+        return i;
        }
 int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
@@ -1576,7 +1585,7 @@ int dtls1_dispatch_alert(SSL *s)
        {
        int i,j;
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
-        unsigned char buf[2 + 2 + 3]; /* alert level + alert desc + message seq +frag_off */
+        unsigned char buf[DTLS1_AL_HEADER_LENGTH];
        unsigned char *ptr = &buf[0];
        s->s3->alert_dispatch=0;
@@ -1585,6 +1594,7 @@ int dtls1_dispatch_alert(SSL *s)
        *ptr++ = s->s3->send_alert[0];
        *ptr++ = s->s3->send_alert[1];
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
        if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
                {       
                s2n(s->d1->handshake_read_seq, ptr);
@@ -1600,6 +1610,7 @@ int dtls1_dispatch_alert(SSL *s)
 #endif
                l2n3(s->d1->r_msg_hdr.frag_off, ptr);
                }
+#endif
        i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
        if (i <= 0)
@@ -1609,8 +1620,11 @@ int dtls1_dispatch_alert(SSL *s)
                }
        else
                {
-                if ( s->s3->send_alert[0] == SSL3_AL_FATAL ||
+                if (s->s3->send_alert[0] == SSL3_AL_FATAL
-                        s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+                    || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#endif
+                   )
                        (void)BIO_flush(s->wbio);
                if (s->msg_callback)
author	djm <>	2009-01-09 12:14:11 +0000
committer	djm <>	2009-01-09 12:14:11 +0000
commit	a0fdc9ec41594852f67ec77dfad9cb06bacc4186 (patch)
tree	c43f6b3a4d93ad2cb3dcf93275295679d895a033 /src/lib/libssl/d1_pkt.c
parent	5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80 (diff)
download	openbsd-a0fdc9ec41594852f67ec77dfad9cb06bacc4186.tar.gz openbsd-a0fdc9ec41594852f67ec77dfad9cb06bacc4186.tar.bz2 openbsd-a0fdc9ec41594852f67ec77dfad9cb06bacc4186.zip