diff --git a/include/polarssl/error.h b/include/polarssl/error.h index 7ce2828b2..e6ad54a04 100644 --- a/include/polarssl/error.h +++ b/include/polarssl/error.h @@ -91,7 +91,7 @@ * ECP 4 8 (Started from top) * MD 5 4 * CIPHER 6 6 - * SSL 6 10 (Started from top) + * SSL 6 12 (Started from top) * SSL 7 31 * * Module dependent error code (5 bits 0x.00.-0x.F8.) diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 996460791..c7b122596 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -147,6 +147,7 @@ #define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ #define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ #define POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ +#define POLARSSL_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ /* * Various constants diff --git a/library/error.c b/library/error.c index 44ac31e93..35ecb97c3 100644 --- a/library/error.c +++ b/library/error.c @@ -454,6 +454,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); if( use_ret == -(POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED) ) snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" ); + if( use_ret == -(POLARSSL_ERR_SSL_BUFFER_TOO_SMALL) ) + snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" ); #endif /* POLARSSL_SSL_TLS_C */ #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 7e1df42db..c090b32b2 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -130,7 +130,7 @@ static int ssl_cookie_hmac( md_context_t *hmac_ctx, unsigned char hmac_out[COOKIE_MD_OUTLEN]; if( (size_t)( end - *p ) < COOKIE_HMAC_LEN ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( POLARSSL_ERR_SSL_BUFFER_TOO_SMALL ); if( ( ret = md_hmac_reset( hmac_ctx ) ) != 0 || ( ret = md_hmac_update( hmac_ctx, time, 4 ) ) != 0 || @@ -160,7 +160,7 @@ int ssl_cookie_write( void *p_ctx, return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); if( (size_t)( end - *p ) < COOKIE_LEN ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( POLARSSL_ERR_SSL_BUFFER_TOO_SMALL ); #if defined(POLARSSL_HAVE_TIME) t = (unsigned long) time( NULL );