diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2019-02-25 16:52:35 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2019-02-25 16:52:35 +0000 |
| commit | c870cfc8a8776ffee1123ec88ff166a19991543f (patch) | |
| tree | 594a7f617d945dfdec80e29ee3ea360c5dfb948e /lib/libssl | |
| parent | 0198615709548a7a45163a92737cf7cc077b6ac7 (diff) | |
Correctly handle oversize writes.
If the record layer is asked to write more than fits in a plaintext record,
cap the amount at that limit. This means that we will effectively write out
a single record and return a short-write.
This behaviour matches SSL_write() with SSL_MODE_ENABLE_PARTIAL_WRITE
enabled and the non-SSL_MODE_ENABLE_PARTIAL_WRITE case will be handled
at a higher layer.
ok inoguchi@ tb@
Diffstat (limited to 'lib/libssl')
| -rw-r--r-- | lib/libssl/tls13_record_layer.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c index 07efcbc7021..d4bc50ab4e1 100644 --- a/lib/libssl/tls13_record_layer.c +++ b/lib/libssl/tls13_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record_layer.c,v 1.6 2019/02/23 15:02:34 jsing Exp $ */ +/* $OpenBSD: tls13_record_layer.c,v 1.7 2019/02/25 16:52:34 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * @@ -760,7 +760,9 @@ static ssize_t tls13_record_layer_write(struct tls13_record_layer *rl, uint8_t content_type, const uint8_t *buf, size_t n) { - /* XXX - handle fragmenting... */ + if (n > TLS13_RECORD_MAX_PLAINTEXT_LEN) + n = TLS13_RECORD_MAX_PLAINTEXT_LEN; + return tls13_record_layer_write_record(rl, content_type, buf, n); } |