PR: 1828

[openssl.git] / ssl / d1_pkt.c

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index eb56cf987ba3a12a4da4be7af6f0a46abbe200a4..b0ab1e850cafe00b717690767b25c57863d5b8c7 100644 (file)
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -942,7 +942,9 @@ start:
                                n2s(p, seq);
                                n2l3(p, frag_off);
 
-                               dtls1_retransmit_message(s, seq, frag_off, &found);
+                               dtls1_retransmit_message(s,
+                                                                                dtls1_get_queue_priority(frag->msg_header.seq, 0),
+                                                                                frag_off, &found);
                                if ( ! found  && SSL_in_init(s))
                                        {
                                        /* fprintf( stderr,"in init = %d\n", SSL_in_init(s)); */
@@ -1035,6 +1037,16 @@ start:
                        goto start;
                        }
 
+               /* If we are server, we may have a repeated FINISHED of the
+                * client here, then retransmit our CCS and FINISHED.
+                */
+               if (msg_hdr.type == SSL3_MT_FINISHED)
+                       {
+                       dtls1_retransmit_buffered_messages(s);
+                       rr->length = 0;
+                       goto start;
+                       }
+
                if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
                        !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
                        {
@@ -1758,6 +1770,7 @@ dtls1_reset_seq_numbers(SSL *s, int rw)
        else
                {
                seq = s->s3->write_sequence;
+               memcpy(s->d1->last_write_sequence, seq, sizeof(s->s3->write_sequence));
                s->d1->w_epoch++;
                }