mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

PR: 2218

Browse Source 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
This commit is contained in:
Dr. Stephen Henson 2010-04-06 12:45:04 +00:00
parent 47e6a60e42
commit ff12f88b8e
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ssl/d1_pkt.c
View File

@ -667,14 +667,14 @@ again:
if (rr->length == 0) goto again;
/* If this record is from the next epoch (either HM or ALERT),
* buffer it since it cannot be processed at this time. Records
* from the next epoch are marked as received even though they
* are not processed, so as to prevent any potential resource
* DoS attack */
* and a handshake is currently in progress, buffer it since it
* cannot be processed at this time. */
if (is_next_epoch)
{
dtls1_record_bitmap_update(s, bitmap);
dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
if (SSL_in_init(s) || s->in_handshake)
{
dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
}
rr->length = 0;
s->packet_length = 0;
goto again;