Commit 86fe421d authored by Matt Caswell's avatar Matt Caswell
Browse files

Properly handle duplicated messages from the next epoch 



Since 1fb9fdc3 we may attempt to buffer a record from the next epoch
that has already been buffered. Prior to that this never occurred.

We simply ignore a failure to buffer a duplicated record.

Fixes #6902

Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7414)

(cherry picked from commit 840facc3ccab481e1a0bc2cb6e7740e362df7422)
parent f3f7f1a8

ssl/record/rec_layer_d1.c

+1 −4
Original line number Diff line number Diff line
@@ -185,14 +185,11 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) 
        return -1;

    }



    /* insert should not fail, since duplicates are dropped */

    if (pqueue_insert(queue->q, item) == NULL) {

        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_BUFFER_RECORD,

                 ERR_R_INTERNAL_ERROR);

        /* Must be a duplicate so ignore it */

        OPENSSL_free(rdata->rbuf.buf);

        OPENSSL_free(rdata);

        pitem_free(item);

        return -1;

    }



    return 1;