From da2fe26db7dc66fcab316e0e0f39eb89052cdc9f Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 9 Nov 2022 14:35:23 +0000 Subject: [PATCH] Fix incorrect condition in is_compression_bad() The transport is allowed to be MBEDTLS_SSL_TRANSPORT_DATAGRAM when the compression is MBEDTLS_SSL_COMPRESS_NULL. Signed-off-by: David Horstmann --- library/ssl_cli.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 788c190de4..3475aa42f4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2064,7 +2064,8 @@ static int is_compression_bad( mbedtls_ssl_context *ssl, unsigned char comp ) #if defined(MBEDTLS_ZLIB_SUPPORT) /* See comments in ssl_write_client_hello() */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + comp != MBEDTLS_SSL_COMPRESS_NULL ) bad_comp = 1; #endif