projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Don't fail the connection in SSLv3 if server selects ECDHE
[oweals/openssl.git]
/
ssl
/
statem
/
statem_dtls.c
diff --git
a/ssl/statem/statem_dtls.c
b/ssl/statem/statem_dtls.c
index 52e62a42731cfe28434fa0e24e8635c72ffdfe69..34964dbd5d791618a7c080c0c0fcd5174dcdf89c 100644
(file)
--- a/
ssl/statem/statem_dtls.c
+++ b/
ssl/statem/statem_dtls.c
@@
-656,7
+656,7
@@
dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr)
}
} else {
if (frag_len != msg_hdr->msg_len) {
}
} else {
if (frag_len != msg_hdr->msg_len) {
- return dtls1_reassemble_fragment(s, msg_hdr);
;
+ return dtls1_reassemble_fragment(s, msg_hdr);
}
if (frag_len > dtls1_max_handshake_message_len(s))
}
if (frag_len > dtls1_max_handshake_message_len(s))
@@
-788,8
+788,10
@@
static int dtls_get_reassembled_message(SSL *s, int *errtype, size_t *len)
return 0;
}
return 0;
}
- if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
- wire[0] == SSL3_MT_HELLO_REQUEST) {
+ if (!s->server
+ && s->d1->r_msg_hdr.frag_off == 0
+ && s->statem.hand_state != TLS_ST_OK
+ && wire[0] == SSL3_MT_HELLO_REQUEST) {
/*
* The server may always send 'Hello Request' messages -- we are
* doing a handshake anyway now, so ignore them if their format is
/*
* The server may always send 'Hello Request' messages -- we are
* doing a handshake anyway now, so ignore them if their format is
@@
-919,13
+921,8
@@
int dtls1_read_failed(SSL *s, int code)
*/
return code;
}
*/
return code;
}
-#ifndef OPENSSL_NO_HEARTBEATS
- /* done, no need to send a retransmit */
- if (!SSL_in_init(s) && !s->tlsext_hb_pending)
-#else
/* done, no need to send a retransmit */
if (!SSL_in_init(s))
/* done, no need to send a retransmit */
if (!SSL_in_init(s))
-#endif
{
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;
{
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;