Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes the program to crash. This is due to missing version checks and is fixed with this patch.
Best regards
Robin
--- ssl/s3_pkt.c 11 May 2011 13:37:52 -0000 1.72.2.7.2.7
+++ ssl/s3_pkt.c 25 May 2011 11:13:58 -0000
@@ -247,7 +247,8 @@
if (i <= 0)
{
rb->left = left;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+ SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
if (len+left == 0)
ssl3_release_read_buffer(s);
return(i);
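Review bot: The new guard before `ssl3_release_read_buffer(s)` lists the two DTLS version constants explicitly, so it works as a deny-list: a connection whose `SSL_version(s)` is any other DTLS value would presumably fall through to the release again and hit the crash the description reports. The second hunk repeats the same test before `ssl3_release_write_buffer(s)`. Putting the test in one file-local helper or macro used by both sites would keep the two copies from drifting apart, and a comment such as `/* SSL_MODE_RELEASE_BUFFERS is ignored for DTLS: releasing the record buffer here crashes */` would record why the check exists. The flag test also relies on `&` binding tighter than `&&`; writing `(s->mode & SSL_MODE_RELEASE_BUFFERS) &&` makes that explicit and avoids a compiler parentheses warning. Both enclosing functions start and end outside the hunks, so other release call sites cannot be checked from here.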
@@ -866,7 +867,8 @@
{
wb->left=0;
wb->offset+=i;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
+ SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
ssl3_release_write_buffer(s);
s->rwstate=SSL_NOTHING;
return(s->s3->wpend_ret);
dtls-release-buffers-bug-1.0.1.patch
Description: Binary data
dtls-release-buffers-bug-1.0.0.patch
Description: Binary data
