mirror of
https://github.com/openssl/openssl.git
synced 2024-12-19 23:13:49 +08:00
Fix ossl_statem_client_max_message_size() for DTLS1_BAD_VER
The Change Cipher Spec message in this ancient pre-standard version of DTLS that Cisco are unfortunately still using in their products, is 3 bytes. Allow it. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
parent
c8a18468ca
commit
e6027420b7
@ -589,6 +589,8 @@ unsigned long ossl_statem_client_max_message_size(SSL *s)
|
||||
return SERVER_HELLO_DONE_MAX_LENGTH;
|
||||
|
||||
case TLS_ST_CR_CHANGE:
|
||||
if (s->version == DTLS1_BAD_VER)
|
||||
return 3;
|
||||
return CCS_MAX_LENGTH;
|
||||
|
||||
case TLS_ST_CR_SESSION_TICKET:
|
||||
|
Loading…
Reference in New Issue
Block a user