... and same in cherry-picked variants in other branches: 05e769f269f28b649d8300a1fc3aaef19901a173 (OpenSSL_1_0_2-stable) 4c21e004a3738b70c7d21d6e86ca68b21577d4d0 (OpenSSL_1_0_1-stable)
Appears harmless, though. Look for "Just one protocol version": diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 09268b8..5b3de08 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c ... @@ -312,6 +318,25 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) } return 0; /* Unexpected state; fail closed. */ + /* Just one protocol version is supported so far; + * fail closed if the version is not as expected. */ + return s->version == DTLS_MAX_VERSION; + case DTLS_CTRL_SET_LINK_MTU: + if (larg < (long)dtls1_link_min_mtu()) + return 0; + s->d1->link_mtu = larg; + return 1; ... ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org