mirror of https://github.com/wolfSSL/wolfssl
Merge pull request #322 from ejohnstown/dtls-handshake
DTLS Handshake Update
This commit is contained in:
commit
8ca1c3935d
|
@ -6092,7 +6092,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
|||
*inOutIdx += fragSz;
|
||||
if(type == finished )
|
||||
*inOutIdx += ssl->keys.padSz;
|
||||
ret = 0;
|
||||
ret = DtlsPoolSend(ssl);
|
||||
}
|
||||
else if (fragSz < size) {
|
||||
/* Since this branch is in order, but fragmented, dtls_msg_list will be
|
||||
|
@ -7603,6 +7603,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
/* Check for duplicate CCS message in DTLS mode.
|
||||
* DTLS allows for duplicate messages, and it should be
|
||||
* skipped. */
|
||||
|
@ -7610,6 +7611,10 @@ int ProcessReply(WOLFSSL* ssl)
|
|||
ssl->msgsReceived.got_change_cipher) {
|
||||
|
||||
WOLFSSL_MSG("Duplicate ChangeCipher msg");
|
||||
ret = DtlsPoolSend(ssl);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (ssl->curSize != 1) {
|
||||
WOLFSSL_MSG("Malicious or corrupted"
|
||||
" duplicate ChangeCipher msg");
|
||||
|
@ -7618,6 +7623,7 @@ int ProcessReply(WOLFSSL* ssl)
|
|||
ssl->buffers.inputBuffer.idx++;
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
|
||||
if (ret != 0)
|
||||
|
@ -7680,6 +7686,12 @@ int ProcessReply(WOLFSSL* ssl)
|
|||
|
||||
case application_data:
|
||||
WOLFSSL_MSG("got app DATA");
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (ssl->options.dtls && ssl->options.dtlsHsRetain) {
|
||||
FreeHandshakeResources(ssl);
|
||||
ssl->options.dtlsHsRetain = 0;
|
||||
}
|
||||
#endif
|
||||
if ((ret = DoApplicationData(ssl,
|
||||
ssl->buffers.inputBuffer.buffer,
|
||||
&ssl->buffers.inputBuffer.idx))
|
||||
|
@ -7810,7 +7822,7 @@ int SendChangeCipher(WOLFSSL* ssl)
|
|||
|
||||
if (ssl->options.groupMessages)
|
||||
return 0;
|
||||
#ifdef WOLFSSL_DTLS
|
||||
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_DEBUG_DTLS)
|
||||
else if (ssl->options.dtls) {
|
||||
/* If using DTLS, force the ChangeCipherSpec message to be in the
|
||||
* same datagram as the finished message. */
|
||||
|
|
5
src/io.c
5
src/io.c
|
@ -404,7 +404,10 @@ int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
|
|||
|
||||
WOLFSSL_ENTER("EmbedReceiveFrom()");
|
||||
|
||||
if (!wolfSSL_get_using_nonblock(ssl) && dtls_timeout != 0) {
|
||||
if (ssl->options.handShakeDone)
|
||||
dtls_timeout = 0;
|
||||
|
||||
if (!wolfSSL_get_using_nonblock(ssl)) {
|
||||
#ifdef USE_WINDOWS_API
|
||||
DWORD timeout = dtls_timeout * 1000;
|
||||
#else
|
||||
|
|
22
src/ssl.c
22
src/ssl.c
|
@ -6060,7 +6060,16 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||
}
|
||||
}
|
||||
#endif /* NO_HANDSHAKE_DONE_CB */
|
||||
FreeHandshakeResources(ssl);
|
||||
|
||||
if (!ssl->options.dtls) {
|
||||
FreeHandshakeResources(ssl);
|
||||
}
|
||||
#ifdef WOLFSSL_DTLS
|
||||
else {
|
||||
ssl->options.dtlsHsRetain = 1;
|
||||
}
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
|
||||
WOLFSSL_LEAVE("SSL_connect()", SSL_SUCCESS);
|
||||
return SSL_SUCCESS;
|
||||
|
||||
|
@ -6334,7 +6343,16 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||
}
|
||||
}
|
||||
#endif /* NO_HANDSHAKE_DONE_CB */
|
||||
FreeHandshakeResources(ssl);
|
||||
|
||||
if (!ssl->options.dtls) {
|
||||
FreeHandshakeResources(ssl);
|
||||
}
|
||||
#ifdef WOLFSSL_DTLS
|
||||
else {
|
||||
ssl->options.dtlsHsRetain = 1;
|
||||
}
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
|
||||
WOLFSSL_LEAVE("SSL_accept()", SSL_SUCCESS);
|
||||
return SSL_SUCCESS;
|
||||
|
||||
|
|
|
@ -2270,6 +2270,9 @@ typedef struct Options {
|
|||
word16 createTicket:1; /* Server to create new Ticket */
|
||||
word16 useTicket:1; /* Use Ticket not session cache */
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS
|
||||
word16 dtlsHsRetain:1; /* DTLS retaining HS data */
|
||||
#endif
|
||||
|
||||
/* need full byte values for this section */
|
||||
byte processReply; /* nonblocking resume */
|
||||
|
|
Loading…
Reference in New Issue