PR: 2039
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org DTLS listen bug fix,
parent
a25f33d28a
commit
e9f613acea
11
ssl/d1_pkt.c
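--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -648,8 +648,15 @@ again:
 goto again; /* get another record */
 }
 
-/* check whether this is a repeat, or aged record */
-if ( ! dtls1_record_replay_check(s, bitmap))
+/* Check whether this is a repeat, or aged record.
+* Don't check if we're listening and this message is
+* a ClientHello. They can look as if they're replayed,
+* since they arrive from different connections and
+* would be dropped unnecessarily.
+*/
+if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+*p == SSL3_MT_CLIENT_HELLO) &&
+!dtls1_record_replay_check(s, bitmap))
 {
 rr->length = 0;
 s->packet_length=0; /* dump this record */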
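Review bot: The new condition reads `*p` to decide whether the replay check is skipped, but nothing visible in this hunk establishes that the record has at least one payload byte at that point or that `p` points at an unencrypted handshake header. If a zero-length handshake record can reach this line, the byte tested is not part of the record, so the exemption should be bounded, e.g. `s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && rr->length > 0 && *p == SSL3_MT_CLIENT_HELLO`. Because this exempts a peer-controlled message type from anti-replay while listening, the comment should also state what still protects that path (presumably the cookie exchange, to be confirmed) and that the exemption is meant for initial, unencrypted ClientHellos only. The enclosing function starts and ends outside the hunk, so where `p` and `rr->length` are set could not be checked here.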