[openssl-commits] [openssl] OpenSSL source code branch OpenSSL_1_0_1-stable updated. OpenSSL_1_0_1j-68-g9673056
Matt Caswell
matt at openssl.org
Tue Dec 16 00:12:55 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, OpenSSL_1_0_1-stable has been updated
via 9673056c259dae5a0b44a4714c8856871e281e9f (commit)
via f50730d3615026d3d898e8c6821b23bdcf69cf96 (commit)
from 9beb948c0dae6056caddf46a9aa099e18905d184 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9673056c259dae5a0b44a4714c8856871e281e9f
Author: Matt Caswell <matt at openssl.org>
Date: Mon Dec 15 20:48:33 2014 +0000
Remove extraneous white space, and add some braces
Reviewed-by: Emilia Käsper <emilia at openssl.org>
(cherry picked from commit 55e530265a7ea8f264717a4e37338cc04eca2007)
commit f50730d3615026d3d898e8c6821b23bdcf69cf96
Author: Matt Caswell <matt at openssl.org>
Date: Fri Dec 12 15:32:24 2014 +0000
DTLS fixes for signed/unsigned issues
Reviewed-by: Emilia Käsper <emilia at openssl.org>
(cherry picked from commit 1904d21123849a65dafde1705e6dd5b7c2f420eb)
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_both.c | 40 +++++++++++++++++++++++++++++++---------
1 file changed, 31 insertions(+), 9 deletions(-)
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 20f5628..1b9d64b 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -259,9 +259,9 @@ static int dtls1_query_mtu(SSL *s)
int dtls1_do_write(SSL *s, int type)
{
int ret;
- int curr_mtu;
+ unsigned int curr_mtu;
int retry = 1;
- unsigned int len, frag_off, mac_size, blocksize;
+ unsigned int len, frag_off, mac_size, blocksize, used_len;
if(!dtls1_query_mtu(s))
return -1;
@@ -284,10 +284,15 @@ int dtls1_do_write(SSL *s, int type)
blocksize = 0;
frag_off = 0;
- while( s->init_num)
+ /* s->init_num shouldn't ever be < 0...but just in case */
+ while(s->init_num > 0)
{
- curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
- DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
+ used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
+ + mac_size + blocksize;
+ if(s->d1->mtu > used_len)
+ curr_mtu = s->d1->mtu - used_len;
+ else
+ curr_mtu = 0;
if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)
{
@@ -295,15 +300,27 @@ int dtls1_do_write(SSL *s, int type)
ret = BIO_flush(SSL_get_wbio(s));
if ( ret <= 0)
return ret;
- curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -
- mac_size - blocksize;
+ used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
+ if(s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH)
+ {
+ curr_mtu = s->d1->mtu - used_len;
+ }
+ else
+ {
+ /* Shouldn't happen */
+ return -1;
+ }
}
- if ( s->init_num > curr_mtu)
+ /* We just checked that s->init_num > 0 so this cast should be safe */
+ if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
+ /* Shouldn't ever happen */
+ if(len > INT_MAX)
+ len = INT_MAX;
/* XDTLS: this function is too long. split out the CCS part */
if ( type == SSL3_RT_HANDSHAKE)
@@ -314,12 +331,17 @@ int dtls1_do_write(SSL *s, int type)
s->init_off -= DTLS1_HM_HEADER_LENGTH;
s->init_num += DTLS1_HM_HEADER_LENGTH;
- if ( s->init_num > curr_mtu)
+ /* We just checked that s->init_num > 0 so this cast should be safe */
+ if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
}
+ /* Shouldn't ever happen */
+ if(len > INT_MAX)
+ len = INT_MAX;
+
if ( len < DTLS1_HM_HEADER_LENGTH )
{
/*
hooks/post-receive
--
OpenSSL source code
More information about the openssl-commits
mailing list