projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
PR: 1829
[oweals/openssl.git]
/
ssl
/
s3_pkt.c
diff --git
a/ssl/s3_pkt.c
b/ssl/s3_pkt.c
index f90bb776667571f323c0384fad100d08f77ac774..9476dcddf6e958f6f3c566c3279f3f44bf74c4d7 100644
(file)
--- a/
ssl/s3_pkt.c
+++ b/
ssl/s3_pkt.c
@@
-277,11
+277,7
@@
again:
n2s(p,rr->length);
/* Lets check version */
n2s(p,rr->length);
/* Lets check version */
- if (s->first_packet)
- {
- s->first_packet=0;
- }
- else
+ if (!s->first_packet)
{
if (version != s->version)
{
{
if (version != s->version)
{
@@
-476,6
+472,7
@@
err:
int ssl3_do_uncompress(SSL *ssl)
{
int ssl3_do_uncompress(SSL *ssl)
{
+#ifndef OPENSSL_NO_COMP
int i;
SSL3_RECORD *rr;
int i;
SSL3_RECORD *rr;
@@
-487,12
+484,13
@@
int ssl3_do_uncompress(SSL *ssl)
else
rr->length=i;
rr->data=rr->comp;
else
rr->length=i;
rr->data=rr->comp;
-
+#endif
return(1);
}
int ssl3_do_compress(SSL *ssl)
{
return(1);
}
int ssl3_do_compress(SSL *ssl)
{
+#ifndef OPENSSL_NO_COMP
int i;
SSL3_RECORD *wr;
int i;
SSL3_RECORD *wr;
@@
-506,6
+504,7
@@
int ssl3_do_compress(SSL *ssl)
wr->length=i;
wr->input=wr->data;
wr->length=i;
wr->input=wr->data;
+#endif
return(1);
}
return(1);
}
@@
-754,8
+753,15
@@
int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
s->rwstate=SSL_NOTHING;
return(s->s3->wpend_ret);
}
s->rwstate=SSL_NOTHING;
return(s->s3->wpend_ret);
}
- else if (i <= 0)
+ else if (i <= 0) {
+ if (s->version == DTLS1_VERSION ||
+ s->version == DTLS1_BAD_VER) {
+ /* For DTLS, just drop it. That's kind of the whole
+ point in using a datagram service */
+ s->s3->wbuf.left = 0;
+ }
return(i);
return(i);
+ }
s->s3->wbuf.offset+=i;
s->s3->wbuf.left-=i;
}
s->s3->wbuf.offset+=i;
s->s3->wbuf.left-=i;
}
@@
-1226,6
+1232,13
@@
int ssl3_do_change_cipher_spec(SSL *s)
if (s->s3->tmp.key_block == NULL)
{
if (s->s3->tmp.key_block == NULL)
{
+ if (s->session == NULL)
+ {
+ /* might happen if dtls1_read_bytes() calls this */
+ SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
+ return (0);
+ }
+
s->session->cipher=s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
}
s->session->cipher=s->s3->tmp.new_cipher;
if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
}