X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fstatem%2Fstatem_dtls.c;h=b2ba35763a09b7b2d360f4ca4ad97fa5c1f0216b;hb=150840b9443d371bfa26e2a33051aa137b5606fc;hp=52e62a42731cfe28434fa0e24e8635c72ffdfe69;hpb=54105ddd230c0d77fab91dd3f423b58b2a976de7;p=oweals%2Fopenssl.git

diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 52e62a4273..b2ba35763a 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -214,6 +214,9 @@ int dtls1_do_write(SSL *s, int type)
         else
             len = s->init_num;
 
+        if (len > s->max_send_fragment)
+            len = s->max_send_fragment;
+
         /*
          * XDTLS: this function is too long.  split out the CCS part
          */
@@ -656,7 +659,7 @@ dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr)
         }
     } else {
         if (frag_len != msg_hdr->msg_len) {
-            return dtls1_reassemble_fragment(s, msg_hdr);;
+            return dtls1_reassemble_fragment(s, msg_hdr);
         }
 
         if (frag_len > dtls1_max_handshake_message_len(s))
@@ -788,8 +791,10 @@ static int dtls_get_reassembled_message(SSL *s, int *errtype, size_t *len)
         return 0;
     }
 
-    if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
-        wire[0] == SSL3_MT_HELLO_REQUEST) {
+    if (!s->server
+            && s->d1->r_msg_hdr.frag_off == 0
+            && s->statem.hand_state != TLS_ST_OK
+            && wire[0] == SSL3_MT_HELLO_REQUEST) {
         /*
          * The server may always send 'Hello Request' messages -- we are
          * doing a handshake anyway now, so ignore them if their format is
@@ -919,13 +924,8 @@ int dtls1_read_failed(SSL *s, int code)
          */
         return code;
     }
-#ifndef OPENSSL_NO_HEARTBEATS
-    /* done, no need to send a retransmit */
-    if (!SSL_in_init(s) && !s->tlsext_hb_pending)
-#else
     /* done, no need to send a retransmit */
     if (!SSL_in_init(s))
-#endif
     {
         BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
         return code;