The first call to query the mtu in dtls1_do_write correctly checks that the
authorMatt Caswell <matt@openssl.org>
Mon, 1 Dec 2014 11:41:25 +0000 (11:41 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 3 Dec 2014 09:32:48 +0000 (09:32 +0000)
mtu that we have received is not less than the minimum. If its less it uses the
minimum instead. The second call to query the mtu does not do that, but
instead uses whatever comes back. We have seen an instance in RT#3592 where we
have got an unreasonably small mtu come back. This commit makes both query
checks consistent.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 6abb0d1f8e702a0daa9c32b8021d01eda0483018)

ssl/d1_both.c

index 4e68a2907bf49b2aa9e15f6c40a121b4be9d9e74..93adccef2eae8b2296391f34edb07878497320d4 100644 (file)
@@ -224,13 +224,8 @@ void dtls1_hm_fragment_free(hm_fragment *frag)
        OPENSSL_free(frag);
        }
 
-/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
-int dtls1_do_write(SSL *s, int type)
-       {
-       int ret;
-       int curr_mtu;
-       unsigned int len, frag_off, mac_size, blocksize;
-
+static void dtls1_query_mtu(SSL *s)
+{
        /* AHA!  Figure out the MTU, and stick to the right size */
        if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
                {
@@ -247,6 +242,16 @@ int dtls1_do_write(SSL *s, int type)
                                s->d1->mtu, NULL);
                        }
                }
+}
+
+/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
+int dtls1_do_write(SSL *s, int type)
+       {
+       int ret;
+       int curr_mtu;
+       unsigned int len, frag_off, mac_size, blocksize;
+
+       dtls1_query_mtu(s);
 #if 0 
        mtu = s->d1->mtu;
 
@@ -352,8 +357,7 @@ int dtls1_do_write(SSL *s, int type)
                                BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 )
                                {
                                if(!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
-                                       s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
-                                               BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+                                       dtls1_query_mtu(s);
                                else
                                        return -1;
                                }