From: Frederik Wedel-Heinen
Date: Wed, 29 May 2024 08:02:18 +0000 (+0200)
Subject: Re-enable mtu assertion which previously failed for DTLS 1.3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e9a90704f6fb4ab2c7154c770ab7627ab87ad55;p=thirdparty%2Fopenssl.git
Re-enable mtu assertion which previously failed for DTLS 1.3
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24524)
---
diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c
index 6cda9f582f8..7ed4450e1b9 100644
--- a/ssl/record/methods/dtls_meth.c
+++ b/ssl/record/methods/dtls_meth.c
@@ -743,12 +743,16 @@ int dtls_post_encryption_processing(OSSL_RECORD_LAYER *rl,
 
 static size_t dtls_get_max_record_overhead(OSSL_RECORD_LAYER *rl)
 {
-    size_t blocksize = 0;
+    size_t blocksize = 0, contenttypelen = 0;
 
     if (rl->enc_ctx != NULL
             && (EVP_CIPHER_CTX_get_mode(rl->enc_ctx) == EVP_CIPH_CBC_MODE))
         blocksize = EVP_CIPHER_CTX_get_block_size(rl->enc_ctx);
 
+    /* DTLSv1.3 adds an extra content type byte after payload data */
+    if (rl->version == DTLS1_3_VERSION)
+        contenttypelen = 1;
+
     /*
      * If we have a cipher in place then the tag is mandatory. If the cipher is
      * CBC mode then an explicit IV is also mandatory. If we know the digest,
@@ -771,7 +775,8 @@ static size_t dtls_get_max_record_overhead(OSSL_RECORD_LAYER *rl)
      * MTU size - so isn't very helpful. We just ignore potential expansion
      * due to compression.
      */
-    return DTLS1_RT_HEADER_LENGTH + rl->eivlen + blocksize + rl->taglen;
+    return DTLS1_RT_HEADER_LENGTH + rl->eivlen + blocksize + rl->taglen
+        + contenttypelen;
 }
 
 const OSSL_RECORD_METHOD ossl_dtls_record_method = {
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 819d41d3f64..ccffe02c226 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
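Review bot: The content-type byte is counted whenever `rl->version == DTLS1_3_VERSION`, independently of whether `rl->enc_ctx` is set, although the inner content type only exists in protected DTLS 1.3 records, so for unprotected records the overhead is over-stated by one byte. That is the safe direction for an MTU upper bound, but the new comment should say the over-count is deliberate rather than leaving a future reader to "fix" it, e.g. `/* DTLSv1.3 appends an inner content type byte to protected records; counting it for every record keeps this an upper bound */`. The value feeds the return expression in the second hunk of this file; dtls_get_max_record_overhead starts in the first hunk and ends in the second, with its explanatory comment block lying between them.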
@@ -259,11 +259,9 @@ int dtls1_do_write(SSL_CONNECTION *s, uint8_t type)
      * because in a production build, if this assert were ever to fail,
      * then the best thing to do is probably carry on regardless.
      */
-#if 0
-    /* TODO(DTLS-1.3): Re-enable this assert. */
     assert(s->s3.tmp.new_compression != NULL
            || BIO_wpending(s->wbio) <= (int)s->d1->mtu);
-#endif
+
     if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {
         /*
          * should not be done for 'Hello Request's, but in that case
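Review bot: The re-enabled assert compares the size_t result of `BIO_wpending(s->wbio)` with `(int)s->d1->mtu`; if `mtu` is a size_t like the rest of the DTLS state, the cast narrows it only for the usual arithmetic conversions to widen it back to unsigned, so it adds nothing and would misbehave for values above INT_MAX. Now that the check is live, `BIO_wpending(s->wbio) <= s->d1->mtu` is the cleaner form. Note also that the assert is compiled out under NDEBUG, so it documents the MTU invariant rather than enforcing it in release builds, which the comment above the hunk already acknowledges. dtls1_do_write starts and ends outside the hunk.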