Only enable DTLS post-handshake rexmits if we sent the final Finished.

I messed up https://boringssl-review.googlesource.com/8883 and caused
both sides to believe they had sent the final Finished. Use next_message
to detect whether our last flight had a reply.

Change-Id: Ia4d8c8eefa818c9a69acc94d63c9c863293c3cf5
Reviewed-on: https://boringssl-review.googlesource.com/19604
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc
index 2538d28..71a7161 100644
--- a/ssl/d1_both.cc
+++ b/ssl/d1_both.cc
@@ -444,6 +444,11 @@
   ssl->d1->incoming_messages[index] = NULL;
   ssl->d1->handshake_read_seq++;
   ssl->s3->has_message = 0;
+  /* If we previously sent a flight, mark it as having a reply, so
+   * |on_handshake_complete| can manage post-handshake retransmission. */
+  if (ssl->d1->outgoing_messages_complete) {
+    ssl->d1->flight_has_reply = true;
+  }
 }
 
 void dtls_clear_incoming_messages(SSL *ssl) {
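Review bot: the comment above `if (ssl->d1->outgoing_messages_complete)` says what the flag feeds into but not why consuming a message counts as a reply. The flag is set for any message advanced past at this point once `outgoing_messages_complete` is true, so the comment should state the assumption being relied on: a handshake message read after our flight was completed is taken as evidence that the peer received that flight, and therefore a flight with a reply is not the final one. Spelling that out here would make it easier to see that only one side can end the handshake with `flight_has_reply` false, which is the property the commit message says the earlier change got wrong.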
@@ -509,6 +514,7 @@
   ssl->d1->outgoing_written = 0;
   ssl->d1->outgoing_offset = 0;
   ssl->d1->outgoing_messages_complete = false;
+  ssl->d1->flight_has_reply = false;
 }
 
 int dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
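Review bot: the added `ssl->d1->flight_has_reply = false;` has no comment, and its correctness depends on call order. The comment in the first hunk says |on_handshake_complete| reads this flag, so if this clearing function runs after the last reply is consumed but before that check, the signal is erased and the side would look as though it had sent the final Finished. Suggest a one-line comment here noting that the flag describes the flight being cleared and is reset together with `outgoing_messages_complete`, and please confirm that the handshake-complete path inspects the flag before the outgoing flight is cleared.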