From: Robin Seggelmann Date: Wed, 9 May 2012 17:28:44 +0000 (+0200) Subject: DTLS/SCTP struct authchunks Bug X-Git-Tag: OpenSSL_1_0_1f~33 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=44f4934bdeddfa2cc1533feaa636d5978476dc88;p=oweals%2Fopenssl.git DTLS/SCTP struct authchunks Bug PR: 2809 DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with SCTP-AUTH. It is checked if this has been activated successfully for the local and remote peer. Due to a bug, however, the gauth_number_of_chunks field of the authchunks struct is missing on FreeBSD, and was therefore not considered in the OpenSSL implementation. This patch sets the corresponding pointer for the check correctly whether or not this bug is present. (cherry picked from commit f596e3c491035fe80db5fc0c3ff6b647662b0003) (cherry picked from commit b8140811367f6e1ef13afa6ffe9625309c46946c) --- diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index 8990909971..54c012c47d 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -906,8 +906,8 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag) memset(authchunks, 0, sizeof(sockopt_len)); ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len); OPENSSL_assert(ret >= 0); - - for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t); + + for (p = (unsigned char*) authchunks->gauth_chunks; p < (unsigned char*) authchunks + sockopt_len; p += sizeof(uint8_t)) { @@ -1197,7 +1197,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl) ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen); OPENSSL_assert(ii >= 0); - for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t); + for (p = (unsigned char*) authchunks->gauth_chunks; p < (unsigned char*) authchunks + optlen; p += sizeof(uint8_t)) {