PR: 2533

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index ee103cd2427c403eb15d6b7007df79d167d113ba..d1a18ee276efd58c1c1d525a4249d12f4aa20e78 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -247,7 +247,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
                if (i <= 0)
                        {
                        rb->left = left;
-                       if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+                       if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+                           SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
                                if (len+left == 0)
                                        ssl3_release_read_buffer(s);
                        return(i);
@@ -866,7 +867,8 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
                        {
                        wb->left=0;
                        wb->offset+=i;
-                       if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+                       if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+                           SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
                                ssl3_release_write_buffer(s);
                        s->rwstate=SSL_NOTHING;
                        return(s->s3->wpend_ret);