The server starts a timer when sending a HelloVerifyRequest, although its state should remain unchanged.
Thanks to Yogesh Chopra for finding this bug! Best regards Robin --- ssl/d1_srvr.c 25 May 2011 14:29:55 -0000 1.20.2.18 +++ ssl/d1_srvr.c 27 Jun 2011 10:02:10 -0000 @@ -295,7 +295,6 @@ case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: - dtls1_start_timer(s); ret = dtls1_send_hello_verify_request(s); if ( ret <= 0) goto end; s->state=SSL3_ST_SW_FLUSH;
dtls-helloverify-timer-bug-1.0.0.patch
Description: Binary data
dtls-helloverify-timer-bug-1.0.1.patch
Description: Binary data
dtls-helloverify-timer-bug-0.9.8.patch
Description: Binary data