DTLS 1.2 cached record support.
Add DTLS1.2 support for cached records when computing handshake macs
instead of the MD5+SHA1 case for DTLS < 1.2 (this is a port of the
equivalent TLS 1.2 code to DTLS).
(cherry picked from commit 04fac50045)
This commit is contained in:
Dr. Stephen Henson
parent
acec5a6244
commit
efc17286f8
@ -650,6 +650,24 @@ int dtls1_accept(SSL *s)
|
||||
s->state=SSL3_ST_SR_FINISHED_A;
|
||||
s->init_num = 0;
|
||||
}
|
||||
else if (SSL_USE_SIGALGS(s))
|
||||
{
|
||||
s->state=SSL3_ST_SR_CERT_VRFY_A;
|
||||
s->init_num=0;
|
||||
if (!s->session->peer)
|
||||
break;
|
||||
/* For sigalgs freeze the handshake buffer
|
||||
* at this point and digest cached records.
|
||||
*/
|
||||
if (!s->s3->handshake_buffer)
|
||||
{
|
||||
SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_INTERNAL_ERROR);
|
||||
return -1;
|
||||
}
|
||||
s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
|
||||
if (!ssl3_digest_cached_records(s))
|
||||
return -1;
|
||||
}
|
||||
else
|
||||
{
|
||||
s->state=SSL3_ST_SR_CERT_VRFY_A;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user