diff options
author | steve <steve> | 2012-03-06 13:26:15 +0000 |
---|---|---|
committer | steve <steve> | 2012-03-06 13:26:15 +0000 |
commit | d16d2ddc146a207ed5b15d432cef9df82330a04f (patch) | |
tree | 7ba9ac3e116353fee81d99c821b61e2093a1a680 | |
parent | 806a9fb85c754d0289d618dd4d8a70132b830776 (diff) | |
download | openssl-d16d2ddc146a207ed5b15d432cef9df82330a04f.tar.gz |
PR: 2748
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix possible DTLS timer deadlock.
-rw-r--r-- | ssl/d1_clnt.c | 2 | ||||
-rw-r--r-- | ssl/d1_srvr.c | 7 |
2 files changed, 4 insertions, 5 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 299ffb39b..00cb43f09 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -330,7 +330,6 @@ int dtls1_connect(SSL *s) if (ret <= 0) goto end; else { - dtls1_stop_timer(s); if (s->hit) { #ifndef OPENSSL_NO_SCTP @@ -441,6 +440,7 @@ int dtls1_connect(SSL *s) case SSL3_ST_CR_SRVR_DONE_B: ret=ssl3_get_server_done(s); if (ret <= 0) goto end; + dtls1_stop_timer(s); if (s->s3->tmp.cert_req) s->s3->tmp.next_state=SSL3_ST_CW_CERT_A; else diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index 89f47ce97..e0d9388c3 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -591,15 +591,16 @@ int dtls1_accept(SSL *s) ret = ssl3_check_client_hello(s); if (ret <= 0) goto end; - dtls1_stop_timer(s); if (ret == 2) + { + dtls1_stop_timer(s); s->state = SSL3_ST_SR_CLNT_HELLO_C; + } else { /* could be sent for a DH cert, even if we * have not asked for it :-) */ ret=ssl3_get_client_certificate(s); if (ret <= 0) goto end; - dtls1_stop_timer(s); s->init_num=0; s->state=SSL3_ST_SR_KEY_EXCH_A; } @@ -609,7 +610,6 @@ int dtls1_accept(SSL *s) case SSL3_ST_SR_KEY_EXCH_B: ret=ssl3_get_client_key_exchange(s); if (ret <= 0) goto end; - dtls1_stop_timer(s); #ifndef OPENSSL_NO_SCTP /* Add new shared key for SCTP-Auth, * will be ignored if no SCTP used. @@ -661,7 +661,6 @@ int dtls1_accept(SSL *s) /* we should decide if we expected this one */ ret=ssl3_get_cert_verify(s); if (ret <= 0) goto end; - dtls1_stop_timer(s); #ifndef OPENSSL_NO_SCTP if (BIO_dgram_is_sctp(SSL_get_wbio(s)) && state == SSL_ST_RENEGOTIATE) |