mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:55:43 +01:00
Fix SSL_BUFFER_LEN
This commit is contained in:
parent
8920f69fef
commit
08485cca81
@ -34,9 +34,13 @@ Bugfix
|
|||||||
* Fix symlink command for cross compiling with CMake (found by Andre
|
* Fix symlink command for cross compiling with CMake (found by Andre
|
||||||
Heinecke)
|
Heinecke)
|
||||||
* Fix DER output of gen_key app (found by Gergely Budai)
|
* Fix DER output of gen_key app (found by Gergely Budai)
|
||||||
* Very small packets were incorrectly rejected when truncated HMAC was in
|
* Very small records were incorrectly rejected when truncated HMAC was in
|
||||||
use with some ciphersuites and versions (RC4 in all versions, CBC with
|
use with some ciphersuites and versions (RC4 in all versions, CBC with
|
||||||
versions < TLS 1.1).
|
versions < TLS 1.1).
|
||||||
|
* Very large records using more than 224 bytes of padding were incorrectly
|
||||||
|
rejected with CBC-based ciphersuites and TLS >= 1.1
|
||||||
|
* Very large records using less padding could cause a buffer overread of up
|
||||||
|
to 32 bytes with CBC-based ciphersuites and TLS >= 1.1
|
||||||
|
|
||||||
= PolarSSL 1.3.7 released on 2014-05-02
|
= PolarSSL 1.3.7 released on 2014-05-02
|
||||||
Features
|
Features
|
||||||
|
@ -258,8 +258,8 @@
|
|||||||
/* \} name SECTION: Module settings */
|
/* \} name SECTION: Module settings */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Allow an extra 301 bytes for the record header
|
* Allow an extra 301 bytes for the record header and encryption overhead:
|
||||||
* and encryption overhead: counter (8) + header (5) + MAC (32) + padding (256)
|
* counter (8) + header (5) + IV(16) + MAC (48) + padding (256)
|
||||||
* and allow for a maximum of 1024 of compression expansion if
|
* and allow for a maximum of 1024 of compression expansion if
|
||||||
* enabled.
|
* enabled.
|
||||||
*/
|
*/
|
||||||
@ -269,7 +269,7 @@
|
|||||||
#define SSL_COMPRESSION_ADD 0
|
#define SSL_COMPRESSION_ADD 0
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 301)
|
#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 333)
|
||||||
|
|
||||||
#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
|
#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user