diff options
Diffstat (limited to 'lib/libssl')
-rw-r--r-- | lib/libssl/d1_pkt.c | 31 | ||||
-rw-r--r-- | lib/libssl/s3_srvr.c | 5 |
2 files changed, 19 insertions, 17 deletions
diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c index a3ba33548e3..60c1236f53a 100644 --- a/lib/libssl/d1_pkt.c +++ b/lib/libssl/d1_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_pkt.c,v 1.41 2015/06/13 08:38:10 doug Exp $ */ +/* $OpenBSD: d1_pkt.c,v 1.42 2015/06/17 07:29:33 doug Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -575,20 +575,21 @@ again: /* get another record */ } - /* Check whether this is a repeat, or aged record. - * Don't check if we're listening and this message is - * a ClientHello. They can look as if they're replayed, - * since they arrive from different connections and - * would be dropped unnecessarily. - */ - if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && - p != NULL && *p == SSL3_MT_CLIENT_HELLO) && - !dtls1_record_replay_check(s, bitmap)) { - rr->length = 0; - s->packet_length=0; /* dump this record */ - goto again; - /* get another record */ - } + /* + * Check whether this is a repeat, or aged record. + * Don't check if we're listening and this message is + * a ClientHello. They can look as if they're replayed, + * since they arrive from different connections and + * would be dropped unnecessarily. + */ + if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && + p != NULL && *p == SSL3_MT_CLIENT_HELLO) && + !dtls1_record_replay_check(s, bitmap)) { + rr->length = 0; + s->packet_length=0; /* dump this record */ + goto again; + /* get another record */ + } /* just read a 0 length packet */ if (rr->length == 0) diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index 1aa39c28635..867e796529c 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.106 2015/06/15 05:32:58 doug Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.107 2015/06/17 07:29:33 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1407,7 +1407,8 @@ ssl3_send_server_key_exchange(SSL *s) if (((group = EC_KEY_get0_group(ecdh)) == NULL) || (EC_KEY_get0_public_key(ecdh) == NULL) || (EC_KEY_get0_private_key(ecdh) == NULL)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB); + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, + ERR_R_ECDH_LIB); goto err; } |