As mentioned by Nilesh Vaghela, DTLSv1_handle_timeout() does not handle errors because of too many retransmissions correctly. The return value should be -1 instead of 0, so the application can detect the error.
Best regards
Robin
--- ssl/d1_lib.c 25 May 2011 14:30:05 -0000 1.8.2.13.2.3
+++ ssl/d1_lib.c 22 Jun 2011 08:11:35 -0000
@@ -398,7 +398,7 @@
{
/* fail the connection, enough alerts have been sent */
SSLerr(SSL_F_DTLS1_HANDLE_TIMEOUT,SSL_R_READ_TIMEOUT_EXPIRED);
- return 0;
+ return -1;
}
state->timeout.read_timeouts++;
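Review bot: The new `return -1;` in the too-many-timeouts branch changes what callers see from this function, but nothing in the hunk documents the return convention. Suggest a short comment at this branch or at the function header stating that -1 means the connection has been failed with SSL_R_READ_TIMEOUT_EXPIRED, so that callers know to test for a negative result rather than for 0. The hunk does not show the callers, so it is also worth confirming that every in-tree caller propagates a negative return instead of discarding it.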
Attachments:
dtls-handle-timeout-bug-0.9.8.patch
dtls-handle-timeout-bug-1.0.0.patch
dtls-handle-timeout-bug-1.0.1.patch
