Revision - a8da754 - Fix dtls_query_mtu so that it will always either complete with [...] – ENEA Mirror of the Software Heritage archive

Revision a8da754d8482f09ce621305b156c2a0d64c16e9b authored by Matt Caswell on 01 December 2014, 22:18:18 UTC, committed by Matt Caswell on 03 December 2014, 09:43:49 UTC

Fix dtls_query_mtu so that it will always either complete with an mtu that is

at least the minimum or it will fail.
There were some instances in dtls1_query_mtu where the final mtu can end up
being less than the minimum, i.e. where the user has set an mtu manually. This
shouldn't be allowed. Also remove dtls1_guess_mtu that, despite having
logic for guessing an mtu, was actually only ever used to work out the minimum
mtu to use.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 1620a2e49c777f31f2ce57966ae74006b48ad759)

1 parent 8ccb44e

Files
Changes

Permalinks

dh1024.pem

-----BEGIN DH PARAMETERS-----
MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
-----END DH PARAMETERS-----

These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
(http://www.skip-vpn.org/spec/numbers.html).
See there for how they were generated.
Note that g is not a generator, but this is not a problem since p is a safe prime.

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...