wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

DTLS Finished send duplication

Browse Source 
1. Only add the encrypted Finished message to DTLS retransmit pool.
2. Don't increment the epoch or sequence number when retransmitting.
This commit is contained in:
John Safranek
2013-05-15 10:31:42 -07:00
parent 091c7a7ef3
commit 05f11c4bca
1 changed files with 1 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/internal.c
View File

@ -1829,14 +1829,6 @@ int DtlsPoolSend(CYASSL* ssl)
for (i = 0; i < pool->used; i++) {
int sendResult;
buffer* buf = &pool->buf[i];
DtlsRecordLayerHeader* dtls = (DtlsRecordLayerHeader*)buf->buffer;
if (dtls->type == change_cipher_spec) {
ssl->keys.dtls_epoch++;
ssl->keys.dtls_sequence_number = 0;
}
c16toa(ssl->keys.dtls_epoch, dtls->epoch);
c32to48(ssl->keys.dtls_sequence_number++, dtls->sequence_number);
if ((ret = CheckAvailableSize(ssl, buf->length)) != 0)
return ret;
@ -4971,14 +4963,9 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
idx += inSz;
if (type == handshake) {
#ifdef CYASSL_DTLS
if (ssl->options.dtls) {
if ((ret = DtlsPoolSave(ssl, output, headerSz+inSz)) != 0)
return ret;
}
#endif
HashOutput(ssl, output, headerSz + inSz, ivSz);
}
if (ssl->specs.cipher_type != aead) {
ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, type, 0);
idx += digestSz;