(Was waiting for the RT to autoreply with a number before I followed up,
but it doesn't seem to have arrived after half an hour, so I'll send
anyway. Hopefully the References: header will associate this with the
previous mail anyway...)
On Sun, 2008-10-05 at 21:38 +0100, David Woodhouse wrote:
> That doesn't solve the question of why non-blocking I/O was returning
> crap for the offending out-of-order packets, instead of just returning
> an error with SSL_ERROR_WANT_READ as might be expected. But at least
> it'll make that bug offend me less.
This seems to fix the garbage packets.
--- ssl/d1_pkt.c~ 2008-10-02 06:43:47.000000000 +0100
+++ ssl/d1_pkt.c 2008-10-05 21:44:54.000000000 +0100
@@ -597,6 +597,7 @@ again:
/* check whether this is a repeat, or aged record */
if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
{
+ rr->length = 0;
s->packet_length=0; /* dump this record */
goto again; /* get another record */
}
--
David Woodhouse Open Source Technology Centre
[EMAIL PROTECTED] Intel Corporation
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
