Commit e9f613ac authored by Dr. Stephen Henson

PR: 2039

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen bug fix,
parent a25f33d2
+9 −2
@@ -648,8 +648,15 @@ again:
		goto again;   /* get another record */
		}

	/* check whether this is a repeat, or aged record */
	if ( ! dtls1_record_replay_check(s, bitmap))
	/* Check whether this is a repeat, or aged record.
	 * Don't check if we're listening and this message is
	 * a ClientHello. They can look as if they're replayed,
	 * since they arrive from different connections and
	 * would be dropped unnecessarily.
	 */
	if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
		*p == SSL3_MT_CLIENT_HELLO) &&
		!dtls1_record_replay_check(s, bitmap))
		{
		rr->length = 0;
		s->packet_length=0; /* dump this record */
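
Review bot: The new condition reads `*p == SSL3_MT_CLIENT_HELLO` with no check in this hunk that the record carries at least one byte of payload. For a handshake record with rr->length of 0, the byte at p is not part of the record, so the message-type test would be made on unrelated data. Consider requiring rr->length > 0 in the condition ahead of the dereference, and confirm that p still points at the start of the record body at this point, since its assignment is outside the lines shown. Separately, the exception skips dtls1_record_replay_check for every record of type SSL3_RT_HANDSHAKE whose first byte is SSL3_MT_CLIENT_HELLO while s->d1->listen is set, so the comment should also state what limits repeated ClientHello records in listen mode once the replay window is no longer consulted for them.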