From 34d01a3b20860252c04df0197f95486d4ee8128e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 13 Jul 2009 22:37:45 +0000 Subject: [PATCH] =?utf8?q?PR:=201984=20Submitted=20by:=20Michael=20T=C3=83?= =?utf8?q?=C2=BCxen=20=20Approved=20by:?= =?utf8?q?=20steve@openssl.org?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit PR#1984 DTLS fix for 0.9.8. --- ssl/d1_pkt.c | 7 ++++++- ssl/s3_pkt.c | 15 ++++++++++++--- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 26d5c3b1d2..989b5337b5 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -517,7 +517,12 @@ again: /* read timeout is handled by dtls1_read_bytes */ if (n <= 0) return(n); /* error or non-blocking */ - OPENSSL_assert(s->packet_length == DTLS1_RT_HEADER_LENGTH); + /* this packet contained a partial record, dump it */ + if (s->packet_length != DTLS1_RT_HEADER_LENGTH) + { + s->packet_length = 0; + goto again; + } s->rstate=SSL_ST_READ_BODY; diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 60135ff9ac..408ab9214c 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -141,9 +141,10 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) /* ... now we can act as if 'extend' was set */ } - /* extend reads should not span multiple packets for DTLS */ - if ( SSL_version(s) == DTLS1_VERSION && - extend) + /* For DTLS/UDP reads should not span multiple packets + * because the read operation returns the whole packet + * at once (as long as it fits into the buffer). */ + if (SSL_version(s) == DTLS1_VERSION) { if ( s->s3->rbuf.left > 0 && n > s->s3->rbuf.left) n = s->s3->rbuf.left; @@ -209,6 +210,14 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) return(i); } newb+=i; + /* reads should *never* span multiple packets for DTLS because + * the underlying transport protocol is message oriented as opposed + * to byte oriented as in the TLS case. */ + if (SSL_version(s) == DTLS1_VERSION) + { + if (n > newb) + n = newb; /* makes the while condition false */ + } } /* done reading, now the book-keeping */ -- 2.25.1