Skip to content
Commit e8300984 authored by Matt Caswell's avatar Matt Caswell
Browse files

Only call ssl3_init_finished_mac once for DTLS



In DTLS if an IO retry occurs during writing of a fragmented ClientHello
then we can end up reseting the finish mac variables on the retry, which
causes a handshake failure. We should only reset on the first attempt not
on retries.

Thanks to BoringSSL for reporting this issue.

RT#4119

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(cherry picked from commit 15a7164e)
parent 84d0c40f
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment