[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_0-stable updated. OpenSSL_1_0_0o-47-g2ececf5
Matt Caswell
matt at openssl.org
Tue Dec 16 00:12:44 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, OpenSSL_1_0_0-stable has been updated
via 2ececf59deb88819a5caf8de61d357ff87bf8190 (commit)
via a60536348b62f844f9d8e3a88c063f4b89d1f606 (commit)
from 9d410579a782262c1a372bea80475ddee523985d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2ececf59deb88819a5caf8de61d357ff87bf8190
Author: Matt Caswell <matt at openssl.org>
Date: Mon Dec 15 20:48:33 2014 +0000
Remove extraneous white space, and add some braces
Reviewed-by: Emilia Käsper <emilia at openssl.org>
(cherry picked from commit 55e530265a7ea8f264717a4e37338cc04eca2007)
commit a60536348b62f844f9d8e3a88c063f4b89d1f606
Author: Matt Caswell <matt at openssl.org>
Date: Fri Dec 12 15:32:24 2014 +0000
DTLS fixes for signed/unsigned issues
Reviewed-by: Emilia Käsper <emilia at openssl.org>
(cherry picked from commit 1904d21123849a65dafde1705e6dd5b7c2f420eb)
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_both.c | 40 +++++++++++++++++++++++++++++++---------
1 file changed, 31 insertions(+), 9 deletions(-)
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 7c8bed3..f3492c0 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -259,9 +259,9 @@ static int dtls1_query_mtu(SSL *s)
int dtls1_do_write(SSL *s, int type)
{
int ret;
- int curr_mtu;
+ unsigned int curr_mtu;
int retry = 1;
- unsigned int len, frag_off, mac_size, blocksize;
+ unsigned int len, frag_off, mac_size, blocksize, used_len;
if(!dtls1_query_mtu(s))
return -1;
@@ -284,10 +284,15 @@ int dtls1_do_write(SSL *s, int type)
blocksize = 0;
frag_off = 0;
- while( s->init_num)
+ /* s->init_num shouldn't ever be < 0...but just in case */
+ while(s->init_num > 0)
{
- curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
- DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
+ used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
+ + mac_size + blocksize;
+ if(s->d1->mtu > used_len)
+ curr_mtu = s->d1->mtu - used_len;
+ else
+ curr_mtu = 0;
if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)
{
@@ -295,15 +300,27 @@ int dtls1_do_write(SSL *s, int type)
ret = BIO_flush(SSL_get_wbio(s));
if ( ret <= 0)
return ret;
- curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -
- mac_size - blocksize;
+ used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
+ if(s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH)
+ {
+ curr_mtu = s->d1->mtu - used_len;
+ }
+ else
+ {
+ /* Shouldn't happen */
+ return -1;
+ }
}
- if ( s->init_num > curr_mtu)
+ /* We just checked that s->init_num > 0 so this cast should be safe */
+ if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
+ /* Shouldn't ever happen */
+ if(len > INT_MAX)
+ len = INT_MAX;
/* XDTLS: this function is too long. split out the CCS part */
if ( type == SSL3_RT_HANDSHAKE)
@@ -314,12 +331,17 @@ int dtls1_do_write(SSL *s, int type)
s->init_off -= DTLS1_HM_HEADER_LENGTH;
s->init_num += DTLS1_HM_HEADER_LENGTH;
- if ( s->init_num > curr_mtu)
+ /* We just checked that s->init_num > 0 so this cast should be safe */
+ if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
}
+ /* Shouldn't ever happen */
+ if(len > INT_MAX)
+ len = INT_MAX;
+
if ( len < DTLS1_HM_HEADER_LENGTH )
{
/*
hooks/post-receive
--
OpenSSL source code
More information about the openssl-commits
mailing list