Fix return code for truncated DTLS fragment.
authorAdam Langley <agl@imperialviolet.org>
Fri, 6 Jun 2014 21:44:20 +0000 (14:44 -0700)
committerMatt Caswell <matt@openssl.org>
Wed, 6 Aug 2014 19:36:40 +0000 (20:36 +0100)
commitb74d1d260f07bf0836610d6b1a53b32101913886
treedefbbbd67a9ef4f90b35bfe9b5cced3600b28be9
parentd0a4b7d1a2948fce38515b8d862f43e7ba0ebf74
Fix return code for truncated DTLS fragment.

Previously, a truncated DTLS fragment in
|dtls1_process_out_of_seq_message| would cause *ok to be cleared, but
the return value would still be the number of bytes read. This would
cause |dtls1_get_message| not to consider it an error and it would
continue processing as normal until the calling function noticed that
*ok was zero.

I can't see an exploit here because |dtls1_get_message| uses
|s->init_num| as the length, which will always be zero from what I can
see.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
ssl/d1_both.c