TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Don't reset badmac_seen on a DTLS client reconnect

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2025-02-17 16:36:36 +01:00
parent b710599e4a
commit cb72cd2ec3
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
library/ssl_tls.c
View File

@@ -1488,10 +1488,15 @@ void mbedtls_ssl_session_reset_msg_layer(mbedtls_ssl_context *ssl,
ssl->in_msgtype = 0;
ssl->in_msglen = 0;
ssl->in_hslen = 0;
ssl->badmac_seen_or_in_hsfraglen = 0;
ssl->keep_current_message = 0;
ssl->transform_in = NULL;
/* TLS: reset in_hsfraglen, which is part of message parsing.
* DTLS: on a client reconnect, don't reset badmac_seen. */
if (!partial) {
ssl->badmac_seen_or_in_hsfraglen = 0;
}
#if defined(MBEDTLS_SSL_PROTO_DTLS)
ssl->next_record_offset = 0;
ssl->in_epoch = 0;