CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2020/10/15 12:00:31
Modified files:
lib/libssl : d1_both.c
Log message:
Unbreak DTLS retransmissions for flights that include a CCS.
When retransmitting a flight that includes a CCS, the record protection
from the previous epoch has to be used to send the messages up to and
including the CCS, with messages after the CCS using record protection
from the current epoch. The code that restores the record protection state
failed to work correctly with the new TLSv1.2 record layer.
ok tb@
