From: Matt Caswell Date: Fri, 18 Jan 2019 12:10:07 +0000 (+0000) Subject: Revert "Keep the DTLS timer running after the end of the handshake if appropriate" X-Git-Tag: openssl-3.0.0-alpha1~2615 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=bcc1f3e2baa9caa83a0a94bd19fb37488ef3ee57;p=oweals%2Fopenssl.git Revert "Keep the DTLS timer running after the end of the handshake if appropriate" This commit erroneously kept the DTLS timer running after the end of the handshake. This is not correct behaviour and shold be reverted. This reverts commit f7506416b1311e65d5c440defdbcfe176f633c50. Fixes #7998 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8047) --- diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index c8ef0f72d7..a4b03ce471 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -440,19 +440,6 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, && SSL3_RECORD_get_length(rr) != 0) s->rlayer.alert_count = 0; - if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE - && SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC - && !SSL_in_init(s) - && (s->d1->next_timeout.tv_sec != 0 - || s->d1->next_timeout.tv_usec != 0)) { - /* - * The timer is still running but we've received something that isn't - * handshake data - so the peer must have finished processing our - * last handshake flight. Stop the timer. - */ - dtls1_stop_timer(s); - } - /* we now have a packet which can be read and processed */ if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 1a9aa41b99..2f78a3f602 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1076,15 +1076,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) /* N.B. s->ctx may not equal s->session_ctx */ tsan_counter(&s->ctx->stats.sess_accept_good); s->handshake_func = ossl_statem_accept; - - if (SSL_IS_DTLS(s) && !s->hit) { - /* - * We are finishing after the client. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ - dtls1_start_timer(s); - } } else { if (SSL_IS_TLS13(s)) { /* @@ -1106,15 +1097,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) s->handshake_func = ossl_statem_connect; tsan_counter(&s->session_ctx->stats.sess_connect_good); - - if (SSL_IS_DTLS(s) && s->hit) { - /* - * We are finishing after the server. We start the timer going - * in case there are any retransmits of our final flight - * required. - */ - dtls1_start_timer(s); - } } if (SSL_IS_DTLS(s)) {