From 7f18b139cc6ba1f2282d39a0fe5c84765c286b99 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@chromium.org>
Date: Sun, 11 Jan 2015 17:36:21 -0500
Subject: [PATCH] Always SSL_OP_NO_QUERY_MTU before querying the BIO MTU.

That setting means that the MTU is provided externally via SSL_set_mtu.

(Imported from upstream's 001235778a6e9c645dc0507cad6092d99c9af8f5)

Change-Id: I4e5743a9dee734ddd0235f080aefe98a7365aaf6
Reviewed-on: https://boringssl-review.googlesource.com/2826
Reviewed-by: Adam Langley <agl@google.com>
---
 ssl/d1_both.c | 5 +++--
 ssl/d1_lib.c  | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 8b81881c..63079562 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -325,11 +325,12 @@ int dtls1_do_write(SSL *s, int type) {
        * caused the failure -- so can't really retransmit anything.  continue
        * as if everything is fine and wait for an alert to handle the
        * retransmit. */
-      if (BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
+      if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) &&
+          BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
         s->d1->mtu =
             BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
       } else {
-        return (-1);
+        return -1;
       }
     } else {
       /* bad if this assert fails, only part of the handshake message got sent.
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 9fcc0501..d08b6bd9 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -356,7 +356,8 @@ int dtls1_check_timeout_num(SSL *s) {
   s->d1->timeout.num_alerts++;
 
   /* Reduce MTU after 2 unsuccessful retransmissions */
-  if (s->d1->timeout.num_alerts > 2) {
+  if (s->d1->timeout.num_alerts > 2 &&
+      !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
     s->d1->mtu =
         BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
   }