unsigned int len, frag_off, mac_size, blocksize;
/* AHA! Figure out the MTU, and stick to the right size */
- if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
+ if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
{
s->d1->mtu =
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
/* I've seen the kernel return bogus numbers when it doesn't know
* (initial write), so just make sure we have a reasonable number */
- if ( s->d1->mtu < dtls1_min_mtu())
+ if (s->d1->mtu < dtls1_min_mtu())
{
s->d1->mtu = 0;
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
return(dtls1_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
}
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
+unsigned long dtls1_output_cert_chain(SSL *s, CERT_PKEY *cpk)
{
unsigned char *p;
unsigned long l= 3 + DTLS1_HM_HEADER_LENGTH;
BUF_MEM *buf=s->init_buf;
- if (!ssl_add_cert_chain(s, x, &l))
+ if (!ssl_add_cert_chain(s, cpk, &l))
return 0;
l-= (3 + DTLS1_HM_HEADER_LENGTH);
*bp++ = TLS1_HB_RESPONSE;
s2n(payload, bp);
memcpy(bp, pl, payload);
+ bp += payload;
/* Random padding */
- RAND_pseudo_bytes(p, padding);
+ RAND_pseudo_bytes(bp, padding);
r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);