1 files changed, 10 insertions, 12 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index a5439d544f..39aac73e10 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -296,9 +296,6 @@ dtls1_process_buffered_records(SSL *s)
    item = pqueue_peek(s->d1->unprocessed_rcds.q);
    if (item)
        {
-        DTLS1_RECORD_DATA *rdata;
-        rdata = (DTLS1_RECORD_DATA *)item->data;
-        
        /* Check if epoch is current. */
        if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
            return(1);  /* Nothing to do. */
@@ -412,11 +409,12 @@ dtls1_process_record(SSL *s)
        enc_err = s->method->ssl3_enc->enc(s,0);
        if (enc_err <= 0)
                {
-                if (enc_err == 0)
+                /* decryption failed, silently discard message */
-                        /* SSLerr() and ssl3_send_alert() have been called */
+                if (enc_err < 0)
-                        goto err;
+                        {
+                        rr->length = 0;
-                /* otherwise enc_err == -1 */
+                        s->packet_length = 0;
+                        }
                goto err;
                }
@@ -528,14 +526,12 @@ int dtls1_get_record(SSL *s)
        int ssl_major,ssl_minor;
        int i,n;
        SSL3_RECORD *rr;
-        SSL_SESSION *sess;
        unsigned char *p = NULL;
        unsigned short version;
        DTLS1_BITMAP *bitmap;
        unsigned int is_next_epoch;
        rr= &(s->s3->rrec);
-        sess=s->session;
        /* The epoch may have changed.  If so, process all the
         * pending records.  This is a non-blocking operation. */
@@ -662,10 +658,12 @@ again:
        /* If this record is from the next epoch (either HM or ALERT),
         * and a handshake is currently in progress, buffer it since it
-         * cannot be processed at this time. */
+         * cannot be processed at this time. However, do not buffer
+         * anything while listening.
+         */
        if (is_next_epoch)
                {
-                if (SSL_in_init(s) || s->in_handshake)
+                if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)
                        {
                        dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
                        }

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index a5439d544f..39aac73e10 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -296,9 +296,6 @@ dtls1_process_buffered_records(SSL *s)
296	item = pqueue_peek(s->d1->unprocessed_rcds.q);	296	item = pqueue_peek(s->d1->unprocessed_rcds.q);
297	if (item)	297	if (item)
298	{	298	{
299	DTLS1_RECORD_DATA *rdata;
300	rdata = (DTLS1_RECORD_DATA *)item->data;
301
302	/* Check if epoch is current. */	299	/* Check if epoch is current. */
303	if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)	300	if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
304	return(1); /* Nothing to do. */	301	return(1); /* Nothing to do. */
@@ -412,11 +409,12 @@ dtls1_process_record(SSL *s)
412	enc_err = s->method->ssl3_enc->enc(s,0);	409	enc_err = s->method->ssl3_enc->enc(s,0);
413	if (enc_err <= 0)	410	if (enc_err <= 0)
414	{	411	{
415	if (enc_err == 0)	412	/* decryption failed, silently discard message */
416	/* SSLerr() and ssl3_send_alert() have been called */	413	if (enc_err < 0)
417	goto err;	414	{
418		415	rr->length = 0;
419	/* otherwise enc_err == -1 */	416	s->packet_length = 0;
		417	}
420	goto err;	418	goto err;
421	}	419	}
422		420
@@ -528,14 +526,12 @@ int dtls1_get_record(SSL *s)
528	int ssl_major,ssl_minor;	526	int ssl_major,ssl_minor;
529	int i,n;	527	int i,n;
530	SSL3_RECORD *rr;	528	SSL3_RECORD *rr;
531	SSL_SESSION *sess;
532	unsigned char *p = NULL;	529	unsigned char *p = NULL;
533	unsigned short version;	530	unsigned short version;
534	DTLS1_BITMAP *bitmap;	531	DTLS1_BITMAP *bitmap;
535	unsigned int is_next_epoch;	532	unsigned int is_next_epoch;
536		533
537	rr= &(s->s3->rrec);	534	rr= &(s->s3->rrec);
538	sess=s->session;
539		535
540	/* The epoch may have changed. If so, process all the	536	/* The epoch may have changed. If so, process all the
541	* pending records. This is a non-blocking operation. */	537	* pending records. This is a non-blocking operation. */
@@ -662,10 +658,12 @@ again:
662		658
663	/* If this record is from the next epoch (either HM or ALERT),	659	/* If this record is from the next epoch (either HM or ALERT),
664	* and a handshake is currently in progress, buffer it since it	660	* and a handshake is currently in progress, buffer it since it
665	* cannot be processed at this time. */	661	* cannot be processed at this time. However, do not buffer
		662	* anything while listening.
		663	*/
666	if (is_next_epoch)	664	if (is_next_epoch)
667	{	665	{
668	if (SSL_in_init(s) \|\| s->in_handshake)	666	if ((SSL_in_init(s) \|\| s->in_handshake) && !s->d1->listen)
669	{	667	{
670	dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);	668	dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
671	}	669	}