Merge remote-tracking branch 'origin/pr/2696' into mbedtls-2.7

* origin/pr/2696:
  UDP proxy: Don't attempt to dissect dgram into records when dropping
Jaeden Amero 2019-06-14 08:55:32 +01:00
commit fe1180a9db


@ -372,32 +372,17 @@ void clear_pending( void )
static unsigned char dropped[2048] = { 0 }; static unsigned char dropped[2048] = { 0 };
#define DROP_MAX 2 #define DROP_MAX 2
/* /* We only drop packets at the level of entire datagrams, not at the level
* OpenSSL groups packets in a datagram the first time it sends them, but not * of records. In particular, if the peer changes the way it packs multiple
* when it resends them. Count every record as seen the first time. * records into a single datagram, we don't necessarily count the number of
*/ * times a record has been dropped correctly. However, the only known reason
* why a peer would change datagram packing is disabling the latter on
* retransmission, in which case we'd drop involved records at most
* DROP_MAX + 1 times. */
void update_dropped( const packet *p ) void update_dropped( const packet *p )
{ {
size_t id = p->len % sizeof( dropped ); size_t id = p->len % sizeof( dropped );
const unsigned char *end = p->buf + p->len;
const unsigned char *cur = p->buf;
size_t len = ( ( cur[11] << 8 ) | cur[12] ) + 13;
++dropped[id]; ++dropped[id];
/* Avoid counting single record twice */
if( len == p->len )
return;
while( cur < end )
{
len = ( ( cur[11] << 8 ) | cur[12] ) + 13;
id = len % sizeof( dropped );
++dropped[id];
cur += len;
}
} }
int handle_message( const char *way, int handle_message( const char *way,
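Review bot: The new comment above update_dropped() explains the datagram-versus-record granularity but does not say that the counter slot is chosen purely by `p->len % sizeof( dropped )`. Any two datagrams of equal length, or of lengths that differ by a multiple of 2048, therefore share one count, which the reader has to work out from the code. I would add a sentence such as `Datagrams are identified by their length only, so distinct datagrams of equal length share a counter.` The phrase "disabling the latter on retransmission" also has no clear antecedent, and `disabling datagram packing on retransmission` reads unambiguously. The code that reads dropped[] lies outside this hunk, so it is worth confirming that it indexes by datagram length as well and no longer expects the per-record counts.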