From fd1e8c49ebe47f5075d8a9837d15150e0dd868fe Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Mon, 1 Aug 2022 14:30:35 +0200
Subject: [PATCH] Reset timeout when reading a valid DTLS message

- Increment the DTLS 1.3 timeout on a long timeout
---
 src/dtls13.c   |  4 ++++
 src/internal.c | 11 ++++++-----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/dtls13.c b/src/dtls13.c
index 824bcc622..cf45b8ae4 100644
--- a/src/dtls13.c
+++ b/src/dtls13.c
@@ -2296,6 +2296,10 @@ int Dtls13RtxTimeout(WOLFSSL* ssl)
         return 0;
     }
 
+    /* Increase timeout on long timeout */
+    if (DtlsMsgPoolTimeout(ssl) != 0)
+        return -1;
+
     return Dtls13RtxSendBuffered(ssl);
 }
 
diff --git a/src/internal.c b/src/internal.c
index 088161390..09c2c41ed 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -7962,8 +7962,6 @@ void DtlsTxMsgListClean(WOLFSSL* ssl)
              * verify */
             break;
         ssl->dtls_tx_msg_list_sz--;
-        /* Reset timer as deleting a node means that state has progressed */
-        ssl->dtls_timeout = ssl->dtls_timeout_init;
         head = next;
     }
     ssl->dtls_tx_msg_list = head;
@@ -8263,8 +8261,7 @@ int DtlsMsgPoolTimeout(WOLFSSL* ssl)
 }
 
 
-/* DtlsMsgPoolReset() deletes the stored transmit list and resets the timeout
- * value. */
+/* DtlsMsgPoolReset() deletes the stored transmit list. */
 void DtlsMsgPoolReset(WOLFSSL* ssl)
 {
     WOLFSSL_ENTER("DtlsMsgPoolReset()");
@@ -8274,7 +8271,6 @@ void DtlsMsgPoolReset(WOLFSSL* ssl)
         ssl->dtls_tx_msg = NULL;
         ssl->dtls_tx_msg_list_sz = 0;
     }
-    ssl->dtls_timeout = ssl->dtls_timeout_init;
 }
 
 
@@ -18745,6 +18741,11 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
             if (IsDtlsNotSctpMode(ssl) && !IsAtLeastTLSv1_3(ssl->version)) {
                 _DtlsUpdateWindow(ssl);
             }
+
+            if (ssl->options.dtls) {
+                /* Reset timeout as we have received a valid DTLS message */
+                ssl->dtls_timeout = ssl->dtls_timeout_init;
+            }
 #endif /* WOLFSSL_DTLS */
 
             WOLFSSL_MSG("received record layer msg");