[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Mar 9 10:56:01 UTC 2015
The branch master has been updated
via 5178a16c4375471d25e1f5ef5de46febb62a5529 (commit)
from a8ae0891d4bfd18f224777aed1fbb172504421f1 (commit)
- Log -----------------------------------------------------------------
commit 5178a16c4375471d25e1f5ef5de46febb62a5529
Author: Matt Caswell <matt at openssl.org>
Date: Mon Mar 2 14:34:19 2015 +0000
Fix DTLS1_BAD_VER regression
Commit 9cf0f187 in HEAD, and 68039af3 in 1.0.2, removed a version check
from dtls1_buffer_message() which was needed to distinguish between DTLS
1.x and Cisco's pre-standard version of DTLS (DTLS1_BAD_VER).
Based on an original patch by David Woodhouse <dwmw2 at infradead.org>
RT#3703
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_both.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 7d48cc4..a7d0a82 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -1086,8 +1086,10 @@ int dtls1_buffer_message(SSL *s, int is_ccs)
memcpy(frag->fragment, s->init_buf->data, s->init_num);
if (is_ccs) {
+ /* For DTLS1_BAD_VER the header length is non-standard */
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
+ ((s->version==DTLS1_BAD_VER)?3:DTLS1_CCS_HEADER_LENGTH)
+ == (unsigned int)s->init_num);
} else {
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
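
Review bot: the literal 3 in the added ternary, ((s->version==DTLS1_BAD_VER)?3:DTLS1_CCS_HEADER_LENGTH), is a magic number. The new comment says the DTLS1_BAD_VER header length is non-standard but not why it is 3. Give the value a named constant defined next to DTLS1_CCS_HEADER_LENGTH, or extend the comment to say what the extra bytes are, so that the assertion and the code that builds the CCS message cannot drift apart unnoticed. The added line also omits the spaces around == and ?: that the neighbouring DTLS1_HM_HEADER_LENGTH check uses. Since the commit message describes this as a regression and the summary shows only ssl/d1_both.c changing, a test that exercises dtls1_buffer_message() with is_ccs set under DTLS1_BAD_VER would keep the check from being dropped again.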