DTLS 1.2 cached record support.
Add DTLS1.2 support for cached records when computing handshake macs instead of the MD5+SHA1 case for DTLS < 1.2 (this is a port of the equivalent TLS 1.2 code to DTLS). (cherry picked from commit 04fac50045929e7078cad4835478dd7f16b6d4bd)
This commit is contained in:
Dr. Stephen Henson
parent
acec5a6244
commit
efc17286f8
@ -650,6 +650,24 @@ int dtls1_accept(SSL *s)
|
|||||||
s->state=SSL3_ST_SR_FINISHED_A;
|
s->state=SSL3_ST_SR_FINISHED_A;
|
||||||
s->init_num = 0;
|
s->init_num = 0;
|
||||||
}
|
}
|
||||||
|
else if (SSL_USE_SIGALGS(s))
|
||||||
|
{
|
||||||
|
s->state=SSL3_ST_SR_CERT_VRFY_A;
|
||||||
|
s->init_num=0;
|
||||||
|
if (!s->session->peer)
|
||||||
|
break;
|
||||||
|
/* For sigalgs freeze the handshake buffer
|
||||||
|
* at this point and digest cached records.
|
||||||
|
*/
|
||||||
|
if (!s->s3->handshake_buffer)
|
||||||
|
{
|
||||||
|
SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_INTERNAL_ERROR);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
|
||||||
|
if (!ssl3_digest_cached_records(s))
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
s->state=SSL3_ST_SR_CERT_VRFY_A;
|
s->state=SSL3_ST_SR_CERT_VRFY_A;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user