OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Andy
Polyakov
Root: /v/openssl/cvs Email: appro openssl.org
Module: openssl Date:
30-Sep-2007 21:34:36
Branch: HEAD Handle:
2007093020343600
Modified files:
openssl/ssl d1_clnt.c d1_srvr.c
Log:
DTLS RFC4347 says HelloVerifyRequest resets Finished
MAC.
Summary:
Revision Changes Path
1.14 +4 -2 openssl/ssl/d1_clnt.c
1.17 +3 -0 openssl/ssl/d1_srvr.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/ssl/d1_clnt.c
============================================================
================
$ cvs diff -u -r1.13 -r1.14 d1_clnt.c
--- openssl/ssl/d1_clnt.c 30 Sep 2007 19:15:27 -0000 1.13
+++ openssl/ssl/d1_clnt.c 30 Sep 2007 19:34:36 -0000 1.14
-213,8 +213,6
/* don't push the buffering BIO quite yet */
- ssl3_init_finished_mac(s);
-
s->state=SSL3_ST_CW_CLNT_HELLO_A;
s->ctx->stats.sess_connect++;
s->init_num=0;
-226,6 +224,10
case SSL3_ST_CW_CLNT_HELLO_B:
s->shutdown=0;
+
+ /* every DTLS ClientHello resets Finished MAC */
+ ssl3_init_finished_mac(s);
+
ret=dtls1_client_hello(s);
if (ret <= 0) goto end;
.
patch -p0 <<' .'
Index: openssl/ssl/d1_srvr.c
============================================================
================
$ cvs diff -u -r1.16 -r1.17 d1_srvr.c
--- openssl/ssl/d1_srvr.c 30 Sep 2007 18:53:54 -0000 1.16
+++ openssl/ssl/d1_srvr.c 30 Sep 2007 19:34:36 -0000 1.17
-286,6 +286,9
s->d1->send_cookie = 0;
s->state=SSL3_ST_SW_FLUSH;
s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
+
+ /* HelloVerifyRequest resets Finished MAC */
+ ssl3_init_finished_mac(s);
break;
case SSL3_ST_SW_SRVR_HELLO_A:
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|
