1 files changed, 16 insertions, 15 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index a3ba33548e..60c1236f53 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.41 2015/06/13 08:38:10 doug Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.42 2015/06/17 07:29:33 doug Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -575,20 +575,21 @@ again:
                /* get another record */
        }
-                /* Check whether this is a repeat, or aged record.
+        /*
-                 * Don't check if we're listening and this message is
+         * Check whether this is a repeat, or aged record.
-                 * a ClientHello. They can look as if they're replayed,
+         * Don't check if we're listening and this message is
-                 * since they arrive from different connections and
+         * a ClientHello. They can look as if they're replayed,
-                 * would be dropped unnecessarily.
+         * since they arrive from different connections and
-                 */
+         * would be dropped unnecessarily.
-                if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+         */
-                    p != NULL && *p == SSL3_MT_CLIENT_HELLO) &&
+        if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
-                    !dtls1_record_replay_check(s, bitmap)) {
+            p != NULL && *p == SSL3_MT_CLIENT_HELLO) &&
-                        rr->length = 0;
+            !dtls1_record_replay_check(s, bitmap)) {
-                        s->packet_length=0; /* dump this record */
+                rr->length = 0;
-                        goto again;
+                s->packet_length=0; /* dump this record */
-                        /* get another record */
+                goto again;
-                }
+                /* get another record */
+        }
        /* just read a 0 length packet */
        if (rr->length == 0)

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index a3ba33548e..60c1236f53 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_pkt.c,v 1.41 2015/06/13 08:38:10 doug Exp $ */	1	/* $OpenBSD: d1_pkt.c,v 1.42 2015/06/17 07:29:33 doug Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -575,20 +575,21 @@ again:
575	/* get another record */	575	/* get another record */
576	}	576	}
577		577
578	/* Check whether this is a repeat, or aged record.	578	/*
579	* Don't check if we're listening and this message is	579	* Check whether this is a repeat, or aged record.
580	* a ClientHello. They can look as if they're replayed,	580	* Don't check if we're listening and this message is
581	* since they arrive from different connections and	581	* a ClientHello. They can look as if they're replayed,
582	* would be dropped unnecessarily.	582	* since they arrive from different connections and
583	*/	583	* would be dropped unnecessarily.
584	if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&	584	*/
585	p != NULL && *p == SSL3_MT_CLIENT_HELLO) &&	585	if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
586	!dtls1_record_replay_check(s, bitmap)) {	586	p != NULL && *p == SSL3_MT_CLIENT_HELLO) &&
587	rr->length = 0;	587	!dtls1_record_replay_check(s, bitmap)) {
588	s->packet_length=0; /* dump this record */	588	rr->length = 0;
589	goto again;	589	s->packet_length=0; /* dump this record */
590	/* get another record */	590	goto again;
591	}	591	/* get another record */
		592	}
592		593
593	/* just read a 0 length packet */	594	/* just read a 0 length packet */
594	if (rr->length == 0)	595	if (rr->length == 0)