DTLS message_sequence number wrong in rehandshake ServerHello
This fix ensures that * A HelloRequest is retransmitted if not responded by a ClientHello * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1. * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier. This patch fixes the RFC violation.
This commit is contained in:
Michael Tuexen
Dr. Stephen Henson
parent
0c75eeacd3
commit
b62f4daac0
@ -1058,6 +1058,7 @@ start:
|
|||||||
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
|
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
|
||||||
!s->s3->renegotiate)
|
!s->s3->renegotiate)
|
||||||
{
|
{
|
||||||
|
s->d1->handshake_read_seq++;
|
||||||
s->new_session = 1;
|
s->new_session = 1;
|
||||||
ssl3_renegotiate(s);
|
ssl3_renegotiate(s);
|
||||||
if (ssl3_renegotiate_check(s))
|
if (ssl3_renegotiate_check(s))
|
||||||
|
|||||||
@ -294,10 +294,11 @@ int dtls1_accept(SSL *s)
|
|||||||
case SSL3_ST_SW_HELLO_REQ_B:
|
case SSL3_ST_SW_HELLO_REQ_B:
|
||||||
|
|
||||||
s->shutdown=0;
|
s->shutdown=0;
|
||||||
|
dtls1_clear_record_buffer(s);
|
||||||
dtls1_start_timer(s);
|
dtls1_start_timer(s);
|
||||||
ret=ssl3_send_hello_request(s);
|
ret=ssl3_send_hello_request(s);
|
||||||
if (ret <= 0) goto end;
|
if (ret <= 0) goto end;
|
||||||
s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
|
s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
|
||||||
s->state=SSL3_ST_SW_FLUSH;
|
s->state=SSL3_ST_SW_FLUSH;
|
||||||
s->init_num=0;
|
s->init_num=0;
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user