mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 14:50:51 +02:00
F-5583: evict oldest DTLS 1.3 epoch slot, not the last eligible one
Dtls13NewEpochSlot never updated oldestNumber after picking a candidate, so every eligible epoch compared "older" than the sentinel and the last eligible slot was returned instead of the lowest epoch number. Update oldestNumber alongside oldest so the true minimum is evicted.
This commit is contained in:
+3
-2
@@ -2369,7 +2369,6 @@ static Dtls13Epoch* Dtls13NewEpochSlot(WOLFSSL* ssl)
|
||||
w64wrapper oldestNumber;
|
||||
int i;
|
||||
|
||||
/* FIXME: add max function */
|
||||
oldestNumber = w64From32((word32)-1, (word32)-1);
|
||||
oldest = NULL;
|
||||
|
||||
@@ -2380,8 +2379,10 @@ static Dtls13Epoch* Dtls13NewEpochSlot(WOLFSSL* ssl)
|
||||
|
||||
if (!w64Equal(e->epochNumber, ssl->dtls13Epoch) &&
|
||||
!w64Equal(e->epochNumber, ssl->dtls13PeerEpoch) &&
|
||||
w64LT(e->epochNumber, oldestNumber))
|
||||
w64LT(e->epochNumber, oldestNumber)) {
|
||||
oldest = e;
|
||||
oldestNumber = e->epochNumber;
|
||||
}
|
||||
}
|
||||
|
||||
if (oldest == NULL)
|
||||
|
||||
Reference in New Issue
Block a user