From: Dr. Stephen Henson Date: Sun, 3 Apr 2011 17:14:48 +0000 (+0000) Subject: PR: 2462 X-Git-Tag: OpenSSL_1_0_1-beta1~334 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=2ab42de1ec2303f1ab2e155c260158580c3c57e5;p=oweals%2Fopenssl.git PR: 2462 Submitted by: Robin Seggelmann Reviewed by: steve Fix DTLS Retransmission Buffer Bug --- diff --git a/ssl/d1_both.c b/ssl/d1_both.c index c195159967..2180c6d4da 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -468,20 +468,6 @@ again: if (!s->d1->listen) s->d1->handshake_read_seq++; - /* we just read a handshake message from the other side: - * this means that we don't need to retransmit of the - * buffered messages. - * XDTLS: may be able clear out this - * buffer a little sooner (i.e if an out-of-order - * handshake message/record is received at the record - * layer. - * XDTLS: exception is that the server needs to - * know that change cipher spec and finished messages - * have been received by the client before clearing this - * buffer. this can simply be done by waiting for the - * first data segment, but is there a better way? */ - dtls1_clear_record_buffer(s); - s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; return s->init_num; diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 96b220e87c..0e7f5331db 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -330,6 +330,8 @@ void dtls1_stop_timer(SSL *s) memset(&(s->d1->next_timeout), 0, sizeof(struct timeval)); s->d1->timeout_duration = 1; BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout)); + /* Clear retransmission buffer */ + dtls1_clear_record_buffer(s); } int dtls1_handle_timeout(SSL *s)