Am 29.06.14 18:13, schrieb Arne Schwabe: > Am 27.03.14 09:57, schrieb Lev Stipakov: >> Hi, >> >> Same patch with added NULL check in push.c:308. Turns out that >> peer_info might be NULL. >> > I looked at the patched, a few minor nitpicks: > > - The test should be if the IV_PROTO is at least 2 and not if exactly 2 > - use_session_id should be bool instead of int > - If I understand the code in ssl.c tls_pre_decrypt corrrectly the > > ASSERT (buf_advance (buf, op == P_DATA_V1 ? 1 : 4)); > > will give an asserton if the other side just send a packet with only > P_DATA_V2 as op code and no opcode. > > I have not checked if the addition three bytes cause any mtu related > issues. Other than then that the patch looks good. > Other small nitpick. session_id should be session-id in the pushed options.
I don't really like the parsing of session_id outside parsing of other options. It is probably better to just parse it like a normal option and setup the session id in do_deferred_options. Arne
signature.asc
Description: OpenPGP digital signature
