diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2022-04-11 10:12:48 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2022-04-14 16:16:47 +0200 |
commit | e915c3f5381cd38ebdc1824c3ba9896ea7160103 (patch) | |
tree | 14b7063f9f2bbe502b1bb69f0b2285337696b450 /ssl | |
parent | 53137462f42f8673fbd5b0831f8ea051ddea509f (diff) |
Fix an assertion in the DTLS server code
This fixes an internal error alert from the server and
an unexpected connection failure in the release version,
but a failed assertion and a server crash in the
debug version.
Reproduce this issue with a DTLS server/client like that:
./openssl s_server -dtls -mtu 1500
./openssl s_client -dtls -maxfraglen 512
In the debug version a crash happens in the Server now:
./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ssl/statem/statem_dtls.c:269: OpenSSL internal error: Assertion failed: len == written
Aborted (core dumped)
While in the release version the handshake exceeds the
negotiated max fragment size, and fails because of this:
$ ./openssl s_server -dtls -mtu 1500
Using default temp DH parameters
ACCEPT
ERROR
4057152ADA7F0000:error:0A0000C2:SSL routines:do_dtls1_write:exceeds max fragment size:ssl/record/rec_layer_d1.c:826:
shutting down SSL
CONNECTION CLOSED
From the client's point of view the connection fails
with an Internal Error Alert:
$ ./openssl s_client -dtls -maxfraglen 512
Connecting to ::1
CONNECTED(00000003)
40B76343377F0000:error:0A000438:SSL routines:dtls1_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_d1.c:613:SSL alert number 80
and now the connection attempt fails unexpectedly.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18093)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/statem_dtls.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 8c588fd590..ded9a606c2 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -218,8 +218,8 @@ int dtls1_do_write(SSL *s, int type) else len = s->init_num; - if (len > s->max_send_fragment) - len = s->max_send_fragment; + if (len > ssl_get_max_send_fragment(s)) + len = ssl_get_max_send_fragment(s); /* * XDTLS: this function is too long. split out the CCS part @@ -241,7 +241,7 @@ int dtls1_do_write(SSL *s, int type) ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off], len, &written); - if (ret < 0) { + if (ret <= 0) { /* * might need to update MTU here, but we don't know which * previous packet caused the failure -- so can't really |