projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9a6b9f) | patch
Don't attempt to send fragments > max_send_fragment in DTLS
authorMatt Caswell <matt@openssl.org>
Fri, 21 Apr 2017 13:00:20 +0000 (14:00 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 25 Apr 2017 13:04:13 +0000 (14:04 +0100)
commit22ae579bea93c0a426bacb764783e0e2cf35c14c
treefec2421f22df1a13903f5384219f911287aa8cb6tree | snapshot
parentc9a6b9f7ed482025d684ef3a04505004f85a97a1commit | diff
Don't attempt to send fragments > max_send_fragment in DTLS

We were allocating the write buffer based on the size of max_send_fragment,
but ignoring it when writing data. We should fragment handshake messages
if they exceed max_send_fragment and reject application data writes that
are too large.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3287)
include/openssl/ssl.h diff | blob | history
ssl/record/rec_layer_d1.c diff | blob | history
ssl/ssl_err.c diff | blob | history
ssl/statem/statem_dtls.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.