&& SSL3_RECORD_get_length(rr) != 0)
s->rlayer.alert_count = 0;
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE
+ && SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC
+ && !SSL_in_init(s)
+ && (s->d1->next_timeout.tv_sec != 0
+ || s->d1->next_timeout.tv_usec != 0)) {
+ /*
+ * The timer is still running but we've received something that isn't
+ * handshake data - so the peer must have finished processing our
+ * last handshake flight. Stop the timer.
+ */
+ dtls1_stop_timer(s);
+ }
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
CRYPTO_atomic_add(&s->ctx->stats.sess_accept_good, 1, &discard,
s->ctx->lock);
s->handshake_func = ossl_statem_accept;
+
+ if (SSL_IS_DTLS(s) && !s->hit) {
+ /*
+ * We are finishing after the client. We start the timer going
+ * in case there are any retransmits of our final flight
+ * required.
+ */
+ dtls1_start_timer(s);
+ }
} else {
/*
* In TLSv1.3 we update the cache as part of processing the
s->handshake_func = ossl_statem_connect;
CRYPTO_atomic_add(&s->session_ctx->stats.sess_connect_good, 1,
&discard, s->session_ctx->lock);
+
+ if (SSL_IS_DTLS(s) && s->hit) {
+ /*
+ * We are finishing after the server. We start the timer going
+ * in case there are any retransmits of our final flight
+ * required.
+ */
+ dtls1_start_timer(s);
+ }
}
if (SSL_IS_DTLS(s)) {