Google Git
Sign in
boringssl / boringssl / 5fa3eba03d1912424decc885e72da20a6a08d8e7
commit5fa3eba03d1912424decc885e72da20a6a08d8e7[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Thu Jan 22 16:35:40 2015 -0500
committerAdam Langley <agl@google.com>Thu Jan 22 22:06:40 2015 +0000
tree45263ac96ff7b9da1ec04fd74528cb4327d2fac9
parent9a38e924aafa96b4f1d7495ce140ba06b956854f [diff]
Clear the error queue when dropping a bad DTLS packet.

This regressed in e95d20dcb80523bf9bc6a9c5682856c8371e0a96. EVP_AEAD will push
errors on the error queue (unlike the EVP_CIPHER codepath which checked
everything internally to ssl/ and didn't bother pushing anything). This meant
that a dropped packet would leave junk in the error queue.

Later, when SSL_read returns <= 0 (EOF or EWOULDBLOCK), the non-empty error
queue check in SSL_get_error kicks in and SSL_read looks to have failed.

BUG=https://code.google.com/p/webrtc/issues/detail?id=4214

Change-Id: I1e5e41c77a3e5b71e9eb0c72294abf0da677f840
Reviewed-on: https://boringssl-review.googlesource.com/2982
Reviewed-by: Adam Langley <agl@google.com>
3 files changed
tree: 45263ac96ff7b9da1ec04fd74528cb4327d2fac9
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt
  11. codereview.settings