forked from wolfSSL/wolfssl
Alerts
Alerts the server sends between receiving the client's CCS message and before it sends its own CCS message should not be encrypted.
This commit is contained in:
John Safranek
@ -209,15 +209,14 @@ int IsAtLeastTLSv1_3(const ProtocolVersion pv)
|
||||
|
||||
static WC_INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend)
|
||||
{
|
||||
(void)isSend;
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
/* For DTLS, epoch 0 is always not encrypted. */
|
||||
if (ssl->options.dtls && !isSend && ssl->keys.curEpoch == 0)
|
||||
return 0;
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
|
||||
return ssl->keys.encryptionOn;
|
||||
return ssl->keys.encryptionOn &&
|
||||
(isSend ? ssl->encrypt.setup : ssl->decrypt.setup);
|
||||
}
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user