While listening, ClientHellos from different connections arrive. Since they are similar, most are dropped by the replay check. This is unnecessary, so the replay check shouldn't be performed for ClientHellos while listening.
--- ssl/d1_pkt.c 26 Aug 2009 11:51:23 -0000 1.27.2.16 +++ ssl/d1_pkt.c 11 Sep 2009 14:02:12 -0000 @@ -648,8 +648,15 @@ goto again; /* get another record */ } - /* check whether this is a repeat, or aged record */ - if ( ! dtls1_record_replay_check(s, bitmap)) + /* Check whether this is a repeat, or aged record. + * Don't check if we're listening and this message is + * a ClientHello. They can look as if they're replayed, + * since they arrive from different connections and + * would be dropped unnecessarily. + */ + if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && + *p == SSL3_MT_CLIENT_HELLO) && + !dtls1_record_replay_check(s, bitmap)) { rr->length = 0; s->packet_length=0; /* dump this record */
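Review bot: the new condition in the `if` dereferences `*p` to read the handshake message type without a visible guard that `rr->length` is at least 1, so a zero-length handshake record received while listening would inspect a byte outside the record body; consider adding `rr->length > 0 &&` before `*p == SSL3_MT_CLIENT_HELLO`. It would also help to state in the new comment which byte `p` points to at this point (the first byte of the record fragment), since the `SSL3_MT_CLIENT_HELLO` comparison is only meaningful when that fragment is a plaintext handshake header.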
dtls-listen-bug.patch