Provide partial support for fragmented DTLS ClientHellos (4b1043ef) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 4b1043ef authored Nov 04, 2015 by

Matt Caswell

Provide partial support for fragmented DTLS ClientHellos

The recently rewriten DTLSv1_listen code does not support fragmented
ClientHello messages because fragment reassembly requires server state
which is against the whole point of DTLSv1_listen. This change adds some
partial support for fragmented ClientHellos. It requires that the cookie
must be within the initial fragment. That way any non-initial ClientHello
fragments can be dropped and fragment reassembly is not required.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

parent 7d1d48a2

Hide whitespace changes

Inline Side-by-side

Please register or to comment