kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove TODO about DTLS cookie lengths.

Browse Source 
The limit increased from 32 to 255 between DTLS 1.0 and DTLS 1.2.

Change-Id: I329a59f9ba2bccc70282e2b47679c57b67e5ed43
Reviewed-on: https://boringssl-review.googlesource.com/2242
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2014-11-10 12:09:44 -05:00 committed by Adam Langley
parent ca6554b133
commit d0297db108
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ssl/s3_srvr.c
View File

@ -904,12 +904,6 @@ int ssl3_get_client_hello(SSL *s)
{
CBS cookie;
/* TODO(davidben): The length check here is off. Per
* spec, the maximum cookie length is 32. However, the
* DTLS1_COOKIE_LENGTH check is checking against 256,
* not 32 (so it's actually redundant).
* 07a9d1a2c2b735cbc327065000b545deb5e136cf from
* OpenSSL switched this from 32 to 256. */
if (!CBS_get_u8_length_prefixed(&client_hello, &cookie) ||
CBS_len(&cookie) > DTLS1_COOKIE_LENGTH)
{