feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Change default DTLS future packet behaviour

Browse Source 
This is a better default for most users. Most users who make use of DTLS, allow messages from "too far into the future". It makes sense that DTLS may lose connection for a period of time and will lose all messages from this period. Losing connection effectively stalls the wolfSSL DTLS connection.
This commit is contained in:
Juliusz Sosinowicz
2021-04-16 19:27:39 +02:00
parent 5955603c51
commit 2bc2a911d7
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/internal.c
View File

@ -13546,7 +13546,7 @@ static WC_INLINE int DtlsCheckWindow(WOLFSSL* ssl)
WOLFSSL_MSG("Current record sequence number from the past."); WOLFSSL_MSG("Current record sequence number from the past.");
return 0; return 0;
} }
#ifndef WOLFSSL_DTLS_ALLOW_FUTURE #ifdef WOLFSSL_DTLS_DISALLOW_FUTURE
else if (!curLT && (diff > DTLS_SEQ_BITS)) { else if (!curLT && (diff > DTLS_SEQ_BITS)) {
WOLFSSL_MSG("Rejecting message too far into the future."); WOLFSSL_MSG("Rejecting message too far into the future.");
return 0; return 0;