From: Matt Caswell Date: Fri, 18 Jan 2019 12:10:07 +0000 (+0000) Subject: Revert "Keep the DTLS timer running after the end of the handshake if appropriate" X-Git-Tag: OpenSSL_1_1_1b~71 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8e3df4012a8177b89707ebec249be417508c8c7f;p=oweals%2Fopenssl.git Revert "Keep the DTLS timer running after the end of the handshake if appropriate" This commit erroneously kept the DTLS timer running after the end of the handshake. This is not correct behaviour and shold be reverted. This reverts commit f7506416b1311e65d5c440defdbcfe176f633c50. Fixes #7998 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8047) (cherry picked from commit bcc1f3e2baa9caa83a0a94bd19fb37488ef3ee57) --- diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 1f9b31969d..1e129b77b4 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -440,19 +440,6 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, && SSL3_RECORD_get_length(rr) != 0) s->rlayer.alert_count = 0; - if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE - && SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC - && !SSL_in_init(s) - && (s->d1->next_timeout.tv_sec != 0 - || s->d1->next_timeout.tv_usec != 0)) { - /* - * The timer is still running but we've received something that isn't - * handshake data - so the peer must have finished processing our - * last handshake flight. Stop the timer. - */ - dtls1_stop_timer(s); - } - /* we now have a packet which can be read and processed */ if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index be270e23fc..cf62c8fed2 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1076,15 +1076,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) /* N.B. s->ctx may not equal s->session_ctx */ tsan_counter(&s->ctx->stats.sess_accept_good); s->handshake_func = ossl_statem_accept; - - if (SSL_IS_DTLS(s) && !s->hit) { - /* - * We are finishing after the client. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ - dtls1_start_timer(s); - } } else { if (SSL_IS_TLS13(s)) { /* @@ -1106,15 +1097,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) s->handshake_func = ossl_statem_connect; tsan_counter(&s->session_ctx->stats.sess_connect_good); - - if (SSL_IS_DTLS(s) && s->hit) { - /* - * We are finishing after the server. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ - dtls1_start_timer(s); - } } if (SSL_IS_DTLS(s)) {