From: Matt Caswell Date: Tue, 16 Oct 2018 16:08:11 +0000 (+0100) Subject: Properly handle duplicated messages from the next epoch X-Git-Tag: openssl-3.0.0-alpha1~3015 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=840facc3ccab481e1a0bc2cb6e7740e362df7422;p=oweals%2Fopenssl.git Properly handle duplicated messages from the next epoch Since 1fb9fdc30 we may attempt to buffer a record from the next epoch that has already been buffered. Prior to that this never occurred. We simply ignore a failure to buffer a duplicated record. Fixes #6902 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/7414) --- diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 43e1f98953..1f9b31969d 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -185,14 +185,11 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) return -1; } - /* insert should not fail, since duplicates are dropped */ if (pqueue_insert(queue->q, item) == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_BUFFER_RECORD, - ERR_R_INTERNAL_ERROR); + /* Must be a duplicate so ignore it */ OPENSSL_free(rdata->rbuf.buf); OPENSSL_free(rdata); pitem_free(item); - return -1; } return 1;