author | Matt Caswell <matt@openssl.org> | 2018-01-16 11:26:50 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-03-21 10:32:15 +0000 |
commit | 329aa3412ea1d8baa4fb09c976b11f9e7c46a762 (patch) | |
tree | aee63b05790dd5a72f361d04682ae0b78abf9057 | |
parent | 041ddc366b6d18ee3993877a50299257e688c00c (diff) |
Don't wait for dry at the end of a handshake
For DTLS/SCTP we were waiting for a dry event during the call to
tls_finish_handshake(). This function just tidies up various internal
things, and after it completes the handshake is over. I can find no good
reason for waiting for a dry event here, and nothing in RFC6083 suggests
to me that we should need to. More importantly though it seems to be
wrong. It is perfectly possible for a peer to send app data/alerts/new
handshake while we are still cleaning up our handshake. If this happens
then we will never get the dry event and so we cannot continue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5085)
-rw-r--r-- | ssl/statem/statem_lib.c | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 570214553a..4e606d84e8 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -273,15 +273,6 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst) { void (*cb) (const SSL *ssl, int type, int val) = NULL; -#ifndef OPENSSL_NO_SCTP - if (SSL_IS_DTLS(s) && BIO_dgram_is_sctp(SSL_get_wbio(s))) { - WORK_STATE ret; - ret = dtls_wait_for_dry(s); - if (ret != WORK_FINISHED_CONTINUE) - return ret; - } -#endif - /* clean a few things up */ ssl3_cleanup_key_block(s); |
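Review bot: The deletion at the top of tls_finish_handshake() comes with no test. The diffstat shows 9 deletions and 0 insertions in a single file, so nothing exercises the case the commit message describes, where a peer sends app data, an alert or a new handshake while cleanup is still running. Please add a regression test for that scenario in a build without OPENSSL_NO_SCTP. With the block gone, the DTLS/SCTP path no longer has the early return on `ret != WORK_FINISHED_CONTINUE` and goes straight to ssl3_cleanup_key_block(s), so it is also worth confirming that dtls_wait_for_dry() still has callers elsewhere; if it does not, remove the helper in the same change rather than leaving it unused.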