]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5e47008)
The SSL_OP_NO_QUERY_MTU option is supposed to stop the mtu from being
authorMatt Caswell <matt@openssl.org>
Mon, 1 Dec 2014 11:13:15 +0000 (11:13 +0000)
committerMatt Caswell <matt@openssl.org>
Wed, 3 Dec 2014 09:30:21 +0000 (09:30 +0000)
automatically updated, and we should use the one provided instead.
Unfortunately there are a couple of locations where this is not respected.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 001235778a6e9c645dc0507cad6092d99c9af8f5)

ssl/d1_both.c patch | blob | history
ssl/d1_lib.c patch | blob | history

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 1bb177ed6248ef937caaa4da9a39382cc39adca9..c09504a6fa97a5a70bbed81ebebfc5faf642c249 100644 (file)
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -355,10 +355,17 @@ int dtls1_do_write(SSL *s, int type)
                         */
                        if ( BIO_ctrl(SSL_get_wbio(s),
                                BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 )
-                               s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
-                                       BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+                               {
+                               if(!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
+                                       s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
+                                               BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+                               else
+                                       return -1;
+                               }
                        else
+                               {
                                return(-1);
+                               }
                        }
                else
                        {
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index a593c7859e772c83c9fb929136695aa6ee6334c8..d52abf3414dc1d802242ae8186cdda9bff72fd1a 100644 (file)
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -453,7 +453,8 @@ int dtls1_check_timeout_num(SSL *s)
        s->d1->timeout.num_alerts++;
 
        /* Reduce MTU after 2 unsuccessful retransmissions */
-       if (s->d1->timeout.num_alerts > 2)
+       if (s->d1->timeout.num_alerts > 2
+                       && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
                {
                s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);               
                }
Unnamed repository; edit this file 'description' to name the repository.