Fix dcheck on max dtls record size exceeded (#3021)

author: Maksym Ked (GitHub) <41471947+mked-luxoft@users.noreply.github.com> 2019-09-19 19:56:03 +0300
committer: Collin <iCollin@users.noreply.github.com> 2019-09-19 12:56:03 -0400
commit: 3024ce3236968f220ea3c8b82963d0fc6466c30e (patch)
tree: 5208ef33fcefd01d04e0fbc0122b4fe77f03688b
parent: c6330cda403b6cd1f085ccd84591cdf7485d8c77 (diff)
download: sdl_core-3024ce3236968f220ea3c8b82963d0fc6466c30e.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/src/components/security_manager/src/ssl_context_impl.cc b/src/components/security_manager/src/ssl_context_impl.cc
index 357d9556fb..d5c892c07a 100644
--- a/src/components/security_manager/src/ssl_context_impl.cc
+++ b/src/components/security_manager/src/ssl_context_impl.cc
@@ -529,13 +529,18 @@ bool CryptoManagerImpl::SSLContextImpl::Decrypt(const uint8_t* const in_data,
 }
 
 size_t CryptoManagerImpl::SSLContextImpl::get_max_block_size(size_t mtu) const {
+  LOG4CXX_AUTO_TRACE(logger_);
   if (!max_block_size_) {
     // FIXME(EZamakhov): add correct logics for TLS1/1.2/SSL3
     // For SSL3.0 set temporary value 90, old TLS1.2 value is 29
     assert(mtu > 90);
     return mtu - 90;
   }
-  return max_block_size_(mtu);
+
+  const auto max_allowed_block_size =
+      mtu > SSL3_RT_MAX_PLAIN_LENGTH ? SSL3_RT_MAX_PLAIN_LENGTH : mtu;
+
+  return max_block_size_(max_allowed_block_size);
 }
 
 bool CryptoManagerImpl::SSLContextImpl::IsHandshakePending() const {
author	Maksym Ked (GitHub) <41471947+mked-luxoft@users.noreply.github.com>	2019-09-19 19:56:03 +0300
committer	Collin <iCollin@users.noreply.github.com>	2019-09-19 12:56:03 -0400
commit	3024ce3236968f220ea3c8b82963d0fc6466c30e (patch)
tree	5208ef33fcefd01d04e0fbc0122b4fe77f03688b
parent	c6330cda403b6cd1f085ccd84591cdf7485d8c77 (diff)
download	sdl_core-3024ce3236968f220ea3c8b82963d0fc6466c30e.tar.gz