DTLS message_sequence number wrong in rehandshake ServerHello

This fix ensures that * A HelloRequest is retransmitted if not responded by a ClientHello * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1. * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier. This patch fixes the RFC violation. (cherry picked from commit b62f4daac00303280361924b9cc19b3e27528b15)
author: Michael Tuexen <tuexen@fh-muenster.de> 2013-08-13 18:53:19 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2013-08-13 18:55:41 +0100
commit: 83a3af9f4e61170afad6f79f161fad8245ae1f95 (patch)
tree: e72dcd1c791a5ee422e36333c35ed69c97b63f9d /ssl/d1_srvr.c
parent: 76bf0cf27cadbb151b50bcc1f0630afa47f5e688 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 29421da9aa..1e7c45a021 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -276,10 +276,11 @@ int dtls1_accept(SSL *s)
 		case SSL3_ST_SW_HELLO_REQ_B:
 
 			s->shutdown=0;
+			dtls1_clear_record_buffer(s);
 			dtls1_start_timer(s);
 			ret=dtls1_send_hello_request(s);
 			if (ret <= 0) goto end;
-			s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
+			s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
 			s->state=SSL3_ST_SW_FLUSH;
 			s->init_num=0;
author	Michael Tuexen <tuexen@fh-muenster.de>	2013-08-13 18:53:19 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2013-08-13 18:55:41 +0100
commit	83a3af9f4e61170afad6f79f161fad8245ae1f95 (patch)
tree	e72dcd1c791a5ee422e36333c35ed69c97b63f9d /ssl/d1_srvr.c
parent	76bf0cf27cadbb151b50bcc1f0630afa47f5e688 (diff)