wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2908 from ejohnstown/dtls-revert

Browse Source 
DTLS Revert
This commit is contained in:
toddouska
2020-04-16 09:58:48 -07:00
committed by GitHub
parent 9918ee8b68 40ea386509
commit 75deec250c
2 changed files with 10 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
src/internal.c
View File

@ -6278,9 +6278,6 @@ void SSL_ResourceFree(WOLFSSL* ssl)
ssl->dtls_rx_msg_list = NULL; ssl->dtls_rx_msg_list = NULL;
ssl->dtls_rx_msg_list_sz = 0; ssl->dtls_rx_msg_list_sz = 0;
} }
XFREE(ssl->dtls_pending_finished, ssl->heap, DYNAMIC_TYPE_DTLS_BUFFER);
ssl->dtls_pending_finished = NULL;
ssl->dtls_pending_finished_sz = 0;
XFREE(ssl->buffers.dtlsCtx.peer.sa, ssl->heap, DYNAMIC_TYPE_SOCKADDR); XFREE(ssl->buffers.dtlsCtx.peer.sa, ssl->heap, DYNAMIC_TYPE_SOCKADDR);
ssl->buffers.dtlsCtx.peer.sa = NULL; ssl->buffers.dtlsCtx.peer.sa = NULL;
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
@ -6523,11 +6520,6 @@ void FreeHandshakeResources(WOLFSSL* ssl)
DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap); DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);
ssl->dtls_rx_msg_list = NULL; ssl->dtls_rx_msg_list = NULL;
ssl->dtls_rx_msg_list_sz = 0; ssl->dtls_rx_msg_list_sz = 0;
if (ssl->dtls_pending_finished != NULL) {
XFREE(ssl->dtls_pending_finished, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
ssl->dtls_pending_finished = NULL;
ssl->dtls_pending_finished_sz = 0;
}
} }
#endif #endif
@ -11742,11 +11734,6 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
default: default:
ret = BUFFER_ERROR; ret = BUFFER_ERROR;
} }
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls) {
DtlsMsgPoolReset(ssl);
}
#endif
if (ret != 0) if (ret != 0)
SendAlert(ssl, alert_fatal, bad_certificate_status_response); SendAlert(ssl, alert_fatal, bad_certificate_status_response);
@ -12477,14 +12464,6 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
case finished: case finished:
WOLFSSL_MSG("processing finished"); WOLFSSL_MSG("processing finished");
ret = DoFinished(ssl, input, inOutIdx, size, totalSz, NO_SNIFF); ret = DoFinished(ssl, input, inOutIdx, size, totalSz, NO_SNIFF);
#ifdef WOLFSSL_DTLS
if (ssl->dtls_pending_finished != NULL) {
XFREE(ssl->dtls_pending_finished, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
ssl->dtls_pending_finished = NULL;
ssl->dtls_pending_finished_sz = 0;
}
#endif
break; break;
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
@ -12735,7 +12714,6 @@ static WC_INLINE int DtlsCheckWindow(WOLFSSL* ssl)
window = peerSeq->prevWindow; window = peerSeq->prevWindow;
} }
else { else {
WOLFSSL_MSG("Different epoch");
return 0; return 0;
} }
@ -14755,45 +14733,20 @@ int ProcessReply(WOLFSSL* ssl)
&ssl->curRL, &ssl->curSize); &ssl->curRL, &ssl->curSize);
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
if (ssl->options.dtls && ret == SEQUENCE_ERROR) { if (ssl->options.dtls && ret == SEQUENCE_ERROR) {
if (ssl->keys.curEpoch == ssl->keys.dtls_epoch + 1) { WOLFSSL_MSG("Silently dropping out of order DTLS message");
/* Store if in the next epoch. Probably finished. */ ssl->options.processReply = doProcessInit;
word32 sz = ssl->buffers.inputBuffer.length - ssl->buffers.inputBuffer.length = 0;
ssl->buffers.inputBuffer.idx + ssl->buffers.inputBuffer.idx = 0;
DTLS_RECORD_HEADER_SZ;
if (ssl->dtls_pending_finished != NULL) {
XFREE(ssl->dtls_pending_finished, ssl->heap,
DYNAMIC_TYPE_DTLS_MSG);
}
ssl->dtls_pending_finished = (byte*)XMALLOC(sz, ssl->heap,
DYNAMIC_TYPE_DTLS_MSG);
if (ssl->dtls_pending_finished == NULL)
return MEMORY_E;
ssl->dtls_pending_finished_sz = sz;
XMEMCPY(ssl->dtls_pending_finished,
ssl->buffers.inputBuffer.buffer +
ssl->buffers.inputBuffer.idx -
DTLS_RECORD_HEADER_SZ,
sz);
ssl->buffers.inputBuffer.idx += ssl->curSize;
}
else {
WOLFSSL_MSG("Silently dropping out of order DTLS message");
ssl->options.processReply = doProcessInit;
ssl->buffers.inputBuffer.length = 0;
ssl->buffers.inputBuffer.idx = 0;
#ifdef WOLFSSL_DTLS_DROP_STATS #ifdef WOLFSSL_DTLS_DROP_STATS
ssl->replayDropCount++; ssl->replayDropCount++;
#endif /* WOLFSSL_DTLS_DROP_STATS */ #endif /* WOLFSSL_DTLS_DROP_STATS */
if (IsDtlsNotSctpMode(ssl) && ssl->options.dtlsHsRetain) { if (IsDtlsNotSctpMode(ssl) && ssl->options.dtlsHsRetain) {
ret = DtlsMsgPoolSend(ssl, 0); ret = DtlsMsgPoolSend(ssl, 0);
if (ret != 0) if (ret != 0)
return ret; return ret;
}
} }
continue; continue;
} }
#endif #endif
@ -15343,33 +15296,6 @@ int ProcessReply(WOLFSSL* ssl)
server : client); server : client);
if (ret != 0) if (ret != 0)
return ret; return ret;
#ifdef WOLFSSL_DTLS
if (ssl->dtls_pending_finished != NULL &&
ssl->dtls_pending_finished_sz > 0) {
if (GrowInputBuffer(ssl, ssl->dtls_pending_finished_sz,
ssl->buffers.inputBuffer.length -
ssl->buffers.inputBuffer.idx) < 0) {
return MEMORY_E;
}
XMEMCPY(ssl->buffers.inputBuffer.buffer +
ssl->buffers.inputBuffer.idx,
ssl->dtls_pending_finished,
ssl->dtls_pending_finished_sz);
ssl->buffers.inputBuffer.length +=
ssl->dtls_pending_finished_sz;
XFREE(ssl->dtls_pending_finished, ssl->heap,
DYNAMIC_TYPE_DTLS_MSG);
ssl->dtls_pending_finished = NULL;
ssl->dtls_pending_finished_sz = 0;
ssl->options.processReply = getRecordLayerHeader;
continue;
}
#endif
#endif /* !WOLFSSL_NO_TLS12 */ #endif /* !WOLFSSL_NO_TLS12 */
break; break;

2
wolfssl/internal.h
View File

@ -4019,8 +4019,6 @@ struct WOLFSSL {
DtlsMsg* dtls_tx_msg_list; DtlsMsg* dtls_tx_msg_list;
DtlsMsg* dtls_tx_msg; DtlsMsg* dtls_tx_msg;
DtlsMsg* dtls_rx_msg_list; DtlsMsg* dtls_rx_msg_list;
byte* dtls_pending_finished;
word32 dtls_pending_finished_sz;
void* IOCB_CookieCtx; /* gen cookie ctx */ void* IOCB_CookieCtx; /* gen cookie ctx */
word32 dtls_expected_rx; word32 dtls_expected_rx;
#ifdef WOLFSSL_SESSION_EXPORT #ifdef WOLFSSL_SESSION_EXPORT