wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Alerts

Browse Source 
Alerts the server sends between receiving the client's CCS message and before it sends its own CCS message should not be encrypted.
This commit is contained in:
John Safranek
2021-01-21 14:48:10 -08:00
parent 3e4c3d13fe
commit fe7be3e15f
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/internal.c
View File

@ -209,15 +209,14 @@ int IsAtLeastTLSv1_3(const ProtocolVersion pv)
static WC_INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend) static WC_INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend)
{ {
(void)isSend;
#ifdef WOLFSSL_DTLS #ifdef WOLFSSL_DTLS
/* For DTLS, epoch 0 is always not encrypted. */ /* For DTLS, epoch 0 is always not encrypted. */
if (ssl->options.dtls && !isSend && ssl->keys.curEpoch == 0) if (ssl->options.dtls && !isSend && ssl->keys.curEpoch == 0)
return 0; return 0;
#endif /* WOLFSSL_DTLS */ #endif /* WOLFSSL_DTLS */
return ssl->keys.encryptionOn; return ssl->keys.encryptionOn &&
(isSend ? ssl->encrypt.setup : ssl->decrypt.setup);
} }