From: Matt Caswell
Date: Wed, 17 Jun 2020 10:34:49 +0000 (+0100)
Subject: Fix the DTLS1_COOKIE_LENGTH value
X-Git-Tag: openssl-3.0.0-alpha4~69
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=cfbe41ea9138ba5f4fb6f859a72034ba4ddc693f;ds=sidebyside
Fix the DTLS1_COOKIE_LENGTH value
The DTLS1_COOKIE_LENGTH value was incorrect in the header files. We couldn't change it before due to ABI concerns. However 3.0 is not ABI compatible so we can now fix it.
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/12179)
---
diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h
index bfc2d6e38f..a68cffd1d4 100644
--- a/include/openssl/dtls1.h
+++ b/include/openssl/dtls1.h
@@ -36,11 +36,8 @@ extern "C" {
 # define DTLS_ANY_VERSION 0x1FFFF
 /* lengths of messages */
-/*
- * Actually the max cookie length in DTLS is 255. But we can't change this now
- * due to compatibility concerns.
- */
-# define DTLS1_COOKIE_LENGTH 256
+
+# define DTLS1_COOKIE_LENGTH 255
 # define DTLS1_RT_HEADER_LENGTH 13
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index d3913e1b7d..abffbd6326 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1312,7 +1312,7 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
 if (s->ctx->app_gen_cookie_cb == NULL || s->ctx->app_gen_cookie_cb(s, s->d1->cookie, &cookie_leni) == 0 ||
- cookie_leni > 255) {
+ cookie_leni > DTLS1_COOKIE_LENGTH) {
 SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST, SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
 return 0;
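Review bot: The new `# define DTLS1_COOKIE_LENGTH 255` is left without any comment, whereas the removed block at least recorded that 255 is the real DTLS limit. The macro sits in a public header and is probably used by applications to size cookie buffers (not visible in this hunk), so I would keep a one-line explanation above it, e.g. `/* Maximum cookie length: the cookie length is carried in a single byte */`. The same comment is a good place to say that cookie generation callbacks must never produce more than this many bytes.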
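Review bot: The bound `cookie_leni > DTLS1_COOKIE_LENGTH` is tested only after `app_gen_cookie_cb` has already written into `s->d1->cookie`, and the callback receives no capacity argument, so the check reports an oversized cookie but cannot prevent the write. If that buffer is sized by DTLS1_COOKIE_LENGTH (its declaration is outside this diff), it is now one byte smaller than before, and a callback that fills 256 bytes would overrun it before being rejected here. Since the callback signature cannot change, I would add a comment above the call such as `/* The callback must write at most DTLS1_COOKIE_LENGTH bytes to s->d1->cookie */` and repeat that limit in the callback documentation. The body of dtls_construct_hello_verify_request starts and ends outside the hunk.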