summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tuexen <tuexen@fh-muenster.de>2013-08-13 18:53:19 +0100
committerDr. Stephen Henson <steve@openssl.org>2013-08-13 18:53:19 +0100
commitb62f4daac00303280361924b9cc19b3e27528b15 (patch)
tree5cb0356e44d092695a8d2bf5481bf44bcbe89d35
parent0c75eeacd3285b395dc75b65c3e6fe6ffbef59f0 (diff)
downloadopenssl-new-b62f4daac00303280361924b9cc19b3e27528b15.tar.gz
DTLS message_sequence number wrong in rehandshake ServerHello
This fix ensures that * A HelloRequest is retransmitted if not responded by a ClientHello * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1. * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier. This patch fixes the RFC violation.
Diffstat
-rw-r--r--ssl/d1_pkt.c1
-rw-r--r--ssl/d1_srvr.c3
2 files changed, 3 insertions, 1 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 4464a305d2..39587039aa 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -1058,6 +1058,7 @@ start:
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
!s->s3->renegotiate)
{
+ s->d1->handshake_read_seq++;
s->new_session = 1;
ssl3_renegotiate(s);
if (ssl3_renegotiate_check(s))
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index c628db56ef..d3afec993d 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -294,10 +294,11 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SW_HELLO_REQ_B:
s->shutdown=0;
+ dtls1_clear_record_buffer(s);
dtls1_start_timer(s);
ret=ssl3_send_hello_request(s);
if (ret <= 0) goto end;
- s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
+ s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
s->state=SSL3_ST_SW_FLUSH;
s->init_num=0;
View Lorry Controller Status