WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #3860 from julek-wolfssl/scr-hello-verify 

SCR cookie exchange shouldn't change seq and epoch numbers
pull/3805/head
John Safranek 2021-03-10 16:11:03 -08:00 committed by GitHub
parent 72eebd6e75 26fb658206
commit fceba6eb6f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/internal.c
View File

@ -29768,10 +29768,16 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
output = ssl->buffers.outputBuffer.buffer +
ssl->buffers.outputBuffer.length;
/* Hello Verify Request should use the same sequence number as the
* Client Hello. */
ssl->keys.dtls_sequence_number_hi = ssl->keys.curSeq_hi;
ssl->keys.dtls_sequence_number_lo = ssl->keys.curSeq_lo;
/* Hello Verify Request should use the same sequence number
* as the Client Hello unless we are in renegotiation then
* don't change numbers */
#ifdef HAVE_SECURE_RENEGOTIATION
if (!IsSCR(ssl))
#endif
{
ssl->keys.dtls_sequence_number_hi = ssl->keys.curSeq_hi;
ssl->keys.dtls_sequence_number_lo = ssl->keys.curSeq_lo;
}
AddHeaders(output, length, hello_verify_request, ssl);
#ifdef OPENSSL_EXTRA