mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #322 from ejohnstown/dtls-handshake 

DTLS Handshake Update
This commit is contained in:
dgarske 2016-03-03 14:33:31 -08:00
parent b9ecd9474c 69e00a3f97
commit 8ca1c3935d
4 changed files with 41 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/internal.c
View File

@ -6092,7 +6092,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
*inOutIdx += fragSz;
if(type == finished )
*inOutIdx += ssl->keys.padSz;
ret = 0;
ret = DtlsPoolSend(ssl);
}
else if (fragSz < size) {
/* Since this branch is in order, but fragmented, dtls_msg_list will be
@ -7603,6 +7603,7 @@ int ProcessReply(WOLFSSL* ssl)
}
#endif
#ifdef WOLFSSL_DTLS
/* Check for duplicate CCS message in DTLS mode.
* DTLS allows for duplicate messages, and it should be
* skipped. */
@ -7610,6 +7611,10 @@ int ProcessReply(WOLFSSL* ssl)
ssl->msgsReceived.got_change_cipher) {
WOLFSSL_MSG("Duplicate ChangeCipher msg");
ret = DtlsPoolSend(ssl);
if (ret != 0)
return ret;
if (ssl->curSize != 1) {
WOLFSSL_MSG("Malicious or corrupted"
" duplicate ChangeCipher msg");
@ -7618,6 +7623,7 @@ int ProcessReply(WOLFSSL* ssl)
ssl->buffers.inputBuffer.idx++;
break;
}
#endif
ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
if (ret != 0)
@ -7680,6 +7686,12 @@ int ProcessReply(WOLFSSL* ssl)
case application_data:
WOLFSSL_MSG("got app DATA");
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls && ssl->options.dtlsHsRetain) {
FreeHandshakeResources(ssl);
ssl->options.dtlsHsRetain = 0;
}
#endif
if ((ret = DoApplicationData(ssl,
ssl->buffers.inputBuffer.buffer,
&ssl->buffers.inputBuffer.idx))
@ -7810,7 +7822,7 @@ int SendChangeCipher(WOLFSSL* ssl)
if (ssl->options.groupMessages)
return 0;
#ifdef WOLFSSL_DTLS
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_DEBUG_DTLS)
else if (ssl->options.dtls) {
/* If using DTLS, force the ChangeCipherSpec message to be in the
* same datagram as the finished message. */

5
src/io.c
View File

@ -404,7 +404,10 @@ int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
WOLFSSL_ENTER("EmbedReceiveFrom()");
if (!wolfSSL_get_using_nonblock(ssl) && dtls_timeout != 0) {
if (ssl->options.handShakeDone)
dtls_timeout = 0;
if (!wolfSSL_get_using_nonblock(ssl)) {
#ifdef USE_WINDOWS_API
DWORD timeout = dtls_timeout * 1000;
#else

22
src/ssl.c
View File

@ -6060,7 +6060,16 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
}
}
#endif /* NO_HANDSHAKE_DONE_CB */
FreeHandshakeResources(ssl);
if (!ssl->options.dtls) {
FreeHandshakeResources(ssl);
}
#ifdef WOLFSSL_DTLS
else {
ssl->options.dtlsHsRetain = 1;
}
#endif /* WOLFSSL_DTLS */
WOLFSSL_LEAVE("SSL_connect()", SSL_SUCCESS);
return SSL_SUCCESS;
@ -6334,7 +6343,16 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
}
}
#endif /* NO_HANDSHAKE_DONE_CB */
FreeHandshakeResources(ssl);
if (!ssl->options.dtls) {
FreeHandshakeResources(ssl);
}
#ifdef WOLFSSL_DTLS
else {
ssl->options.dtlsHsRetain = 1;
}
#endif /* WOLFSSL_DTLS */
WOLFSSL_LEAVE("SSL_accept()", SSL_SUCCESS);
return SSL_SUCCESS;

3
wolfssl/internal.h
View File

@ -2270,6 +2270,9 @@ typedef struct Options {
word16 createTicket:1; /* Server to create new Ticket */
word16 useTicket:1; /* Use Ticket not session cache */
#endif
#ifdef WOLFSSL_DTLS
word16 dtlsHsRetain:1; /* DTLS retaining HS data */
#endif
/* need full byte values for this section */
byte processReply; /* nonblocking resume */