diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-03-27 15:50:42 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-09-18 13:46:02 +0100 |
commit | efc17286f86fd55496c28021fce475a0ffe1957a (patch) | |
tree | eac0c182f2f99a444c283615d308b05e8f9b00a5 /ssl | |
parent | acec5a6244b6e54b805a5f7512efc72e18cc693a (diff) |
DTLS 1.2 cached record support.
Add DTLS1.2 support for cached records when computing handshake macs
instead of the MD5+SHA1 case for DTLS < 1.2 (this is a port of the
equivalent TLS 1.2 code to DTLS).
(cherry picked from commit 04fac50045929e7078cad4835478dd7f16b6d4bd)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/d1_srvr.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index b0f516880e..e8a829b354 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -650,6 +650,24 @@ int dtls1_accept(SSL *s) s->state=SSL3_ST_SR_FINISHED_A; s->init_num = 0; } + else if (SSL_USE_SIGALGS(s)) + { + s->state=SSL3_ST_SR_CERT_VRFY_A; + s->init_num=0; + if (!s->session->peer) + break; + /* For sigalgs freeze the handshake buffer + * at this point and digest cached records. + */ + if (!s->s3->handshake_buffer) + { + SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_INTERNAL_ERROR); + return -1; + } + s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE; + if (!ssl3_digest_cached_records(s)) + return -1; + } else { s->state=SSL3_ST_SR_CERT_VRFY_A; |