generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

DTLS version usage fixes.

Browse Source 
Make DTLS behave like TLS when negotiating version: record layer has
DTLS 1.0, message version is 1.2.

Tolerate different version numbers if version hasn't been negotiated
yet.
(cherry picked from commit 40088d8b8190a2a33828a769c23bf35de542c7dc)
This commit is contained in:
Dr. Stephen Henson 2013-09-17 18:10:37 +01:00
parent 6e1987ca1d
commit 1dfb1b103c
2 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/d1_pkt.c
View File

@ -1559,9 +1559,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
* we haven't decided which version to use yet send back using * we haven't decided which version to use yet send back using
* version 1.0 header: otherwise some clients will ignore it. * version 1.0 header: otherwise some clients will ignore it.
*/ */
if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B if (s->method->version == DTLS_ANY_VERSION)
&& s->method->version == DTLS_ANY_VERSION
&& s->client_version == DTLS1_VERSION)
{ {
*(p++)=DTLS1_VERSION>>8; *(p++)=DTLS1_VERSION>>8;
*(p++)=DTLS1_VERSION&0xff; *(p++)=DTLS1_VERSION&0xff;

2
ssl/s3_clnt.c
View File

@ -912,7 +912,7 @@ int ssl3_get_server_hello(SSL *s)
/* Hello verify request and/or server hello version may not /* Hello verify request and/or server hello version may not
* match so set first packet if we're negotiating version. * match so set first packet if we're negotiating version.
*/ */
if (s->method->version == DTLS_ANY_VERSION) if (SSL_IS_DTLS(s))
s->first_packet = 1; s->first_packet = 1;
n=s->method->ssl_get_message(s, n=s->method->ssl_get_message(s,