[openssl-dev] [openssl.org #4119] DTLS resets handshake hash too frequently for ClientHello

Matt Caswell via RT rt at openssl.org
Wed Nov 4 17:04:41 UTC 2015



On 04/11/15 15:30, David Benjamin via RT wrote:
> On Wed, Nov 4, 2015 at 7:04 AM Matt Caswell via RT <rt at openssl.org> wrote:
> 
>>
>>
>> On 03/11/15 17:43, David Benjamin via RT wrote:
>>
>>> I'm not sure that fix quite works though. If BIO_flush completes
>>> asynchronously
>>
>> Ahhh, yes good point. Updated patch attached.
>>
>>> (hrm, it's missing an rwstate update),
>>
>> Yes, just discovered that myself and then came back and reread your
>> email to find out you already pointed it out! Also addressed in updated
>> patch.
>>
> 
> The new patch seems to almost work. I merged it into our codebase since we
> hadn't diverged too much on that function yet and ran it against our tests
> (fixed to actually stress low MTUs). The s->init_off <=
> DTLS1_HM_HEADER_LENGTH assertion is only true in the frag_off > 0 case.
> After moving it there, everything passes.
> 
> For reference, here's the merged version:
> https://boringssl-review.googlesource.com/#/c/6424/

Great! Thanks David.

Matt



