projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Clarify CMS_decrypt behaviour.
[openssl.git]
/
ssl
/
d1_srtp.c
diff --git
a/ssl/d1_srtp.c
b/ssl/d1_srtp.c
index e9e6f5a67ea81c0d973a51092fe976000d5df644..928935bd8b4cd841de242e4579ee86c809d3c5bb 100644
(file)
--- a/
ssl/d1_srtp.c
+++ b/
ssl/d1_srtp.c
@@
-406,7
+406,7
@@
int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max
{
if(p)
{
{
if(p)
{
- if(maxlen <
3
)
+ if(maxlen <
5
)
{
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
return 1;
{
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
return 1;
@@
-417,11
+417,11
@@
int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_USE_SRTP_NOT_NEGOTIATED);
return 1;
}
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,SSL_R_USE_SRTP_NOT_NEGOTIATED);
return 1;
}
-
+ s2n(2, p);
s2n(s->srtp_profile->id,p);
*p++ = 0;
}
s2n(s->srtp_profile->id,p);
*p++ = 0;
}
- *len=
3
;
+ *len=
5
;
return 0;
}
return 0;
}
@@
-431,10
+431,20
@@
int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al
{
unsigned id;
int i;
{
unsigned id;
int i;
+ int ct;
+
STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
SRTP_PROTECTION_PROFILE *prof;
STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
SRTP_PROTECTION_PROFILE *prof;
- if(len!=3)
+ if(len!=5)
+ {
+ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+ *al=SSL_AD_DECODE_ERROR;
+ return 1;
+ }
+
+ n2s(d, ct);
+ if(ct!=2)
{
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*al=SSL_AD_DECODE_ERROR;
{
SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
*al=SSL_AD_DECODE_ERROR;