author Lutz Jänicke <jaenicke@openssl.org>
Mon, 13 Oct 2008 06:43:06 +0000 (06:43 +0000)
committer Lutz Jänicke <jaenicke@openssl.org>
Mon, 13 Oct 2008 06:43:06 +0000 (06:43 +0000)

Firstly, the bitmap we use for replay protection was ending up with zero
length, so a _single_ pair of packets getting switched around would
cause one of them to be 'dropped'.

Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>

ssl/d1_lib.c
ssl/d1_pkt.c

index fc088b41489384927847e64d598d1e99b2099234..3568e97a8771573c97a3ff421218e78a6ca4c903 100644 (file)
@@ -106,6 +106,7 @@ int dtls1_new(SSL *s)
        pq_64bit_init(&(d1->bitmap.map));
        pq_64bit_init(&(d1->bitmap.max_seq_num));
        
+       d1->next_bitmap.length = d1->bitmap.length;
        pq_64bit_init(&(d1->next_bitmap.map));
        pq_64bit_init(&(d1->next_bitmap.max_seq_num));
 
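Review bot: the new `d1->next_bitmap.length = d1->bitmap.length;` line silently depends on `d1->bitmap.length` already having been assigned earlier in dtls1_new, which is outside this hunk; if that assignment is ever moved below the `pq_64bit_init(&(d1->bitmap.max_seq_num));` call, `next_bitmap.length` goes back to zero and the single-reorder drop described in the commit message returns. Either initialise both lengths from the same named constant next to each other, or add a one-line comment here stating that `next_bitmap` must mirror `bitmap`'s window size so the ordering requirement is visible to the next person editing this initialiser.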
index b2765ba8019ff70e5c05f4ff82e3db7ad1347f96..eb56cf987ba3a12a4da4be7af6f0a46abbe200a4 100644 (file)
@@ -597,6 +597,7 @@ again:
        /* check whether this is a repeat, or aged record */
        if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
                {
+               rr->length = 0;
                s->packet_length=0; /* dump this record */
                goto again;     /* get another record */
                }
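Review bot: `rr->length = 0;` is the actual fix for the "returning garbage" half of the commit message, but nothing next to it says so; the existing `/* dump this record */` comment describes `s->packet_length=0`, not why the record length must also be cleared. Add a comment such as `/* clear rr->length too: in the non-blocking case a retry can return this record to the caller before another one is read, so it must look empty rather than carry stale data */`. Also worth checking that any other path in this function that discards a record and jumps to `again` resets `rr->length` the same way, otherwise the same stale-record symptom can reappear through a different exit.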