projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bd79bcb) | patch
Don't attempt to send fragments > max_send_fragment in DTLS
authorMatt Caswell <matt@openssl.org>
Fri, 21 Apr 2017 13:00:20 +0000 (14:00 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 25 Apr 2017 10:13:39 +0000 (11:13 +0100)
commitaefb925647175a310df73416c9c7253424a65106
tree97d2879bf217a87b49a0e9c32a50e120f0e1fb72tree | snapshot
parentbd79bcb42bab120575fc398692b7b61b1c5e6ed2commit | diff
Don't attempt to send fragments > max_send_fragment in DTLS

We were allocating the write buffer based on the size of max_send_fragment,
but ignoring it when writing data. We should fragment handshake messages
if they exceed max_send_fragment and reject application data writes that
are too large.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)
include/openssl/ssl.h diff | blob | history
ssl/record/rec_layer_d1.c diff | blob | history
ssl/ssl_err.c diff | blob | history
ssl/statem/statem_dtls.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.