feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

1. Some DTLS code was missing an ifdef.

Browse Source 
2. If receiving a handshake message that's already been processed,
    retransmit the previous message flight.
This commit is contained in:
John Safranek
2016-02-22 14:08:35 -08:00
parent f6fafe6738
commit f621f81fa2
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/internal.c
View File

@ -6101,7 +6101,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
*inOutIdx += fragSz; *inOutIdx += fragSz;
if(type == finished ) if(type == finished )
*inOutIdx += ssl->keys.padSz; *inOutIdx += ssl->keys.padSz;
ret = 0; ret = DtlsPoolSend(ssl);
} }
else if (fragSz < size) { else if (fragSz < size) {
/* Since this branch is in order, but fragmented, dtls_msg_list will be /* Since this branch is in order, but fragmented, dtls_msg_list will be
@ -7612,6 +7612,7 @@ int ProcessReply(WOLFSSL* ssl)
} }
#endif #endif
#ifdef WOLFSSL_DTLS
/* Check for duplicate CCS message in DTLS mode. /* Check for duplicate CCS message in DTLS mode.
* DTLS allows for duplicate messages, and it should be * DTLS allows for duplicate messages, and it should be
* skipped. */ * skipped. */
@ -7619,6 +7620,10 @@ int ProcessReply(WOLFSSL* ssl)
ssl->msgsReceived.got_change_cipher) { ssl->msgsReceived.got_change_cipher) {
WOLFSSL_MSG("Duplicate ChangeCipher msg"); WOLFSSL_MSG("Duplicate ChangeCipher msg");
ret = DtlsPoolSend(ssl);
if (ret != 0)
return ret;
if (ssl->curSize != 1) { if (ssl->curSize != 1) {
WOLFSSL_MSG("Malicious or corrupted" WOLFSSL_MSG("Malicious or corrupted"
" duplicate ChangeCipher msg"); " duplicate ChangeCipher msg");
@ -7627,6 +7632,7 @@ int ProcessReply(WOLFSSL* ssl)
ssl->buffers.inputBuffer.idx++; ssl->buffers.inputBuffer.idx++;
break; break;
} }
#endif
ret = SanityCheckMsgReceived(ssl, change_cipher_hs); ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
if (ret != 0) if (ret != 0)