Fixes an issue were dropped records sent from server was not retransm…

…itted.
fwh-dc · Feb 4, 2025 · 288cdab · 288cdab
1 parent 6a544a1
commit 288cdab
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 14 deletions.
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
@@ -205,7 +205,9 @@ void dtls1_clear_sent_buffer(SSL_CONNECTION *s, int keep_unacked_msgs)
 
         if (((!SSL_CONNECTION_IS_DTLS13(s) && record_type == SSL3_RT_CHANGE_CIPHER_SPEC)
              || (SSL_CONNECTION_IS_DTLS13(s)
-                 && (msg_type == SSL3_MT_FINISHED || msg_type == SSL3_MT_KEY_UPDATE)))
+                 && (msg_type == SSL3_MT_FINISHED
+                     || msg_type == SSL3_MT_SERVER_HELLO
+                     || msg_type == SSL3_MT_KEY_UPDATE)))
             && sent_msg->saved_retransmit_state.wrlmethod != NULL
             && s->rlayer.wrl != sent_msg->saved_retransmit_state.wrl) {
             /*

diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
@@ -720,25 +720,22 @@ int do_dtls1_write(SSL_CONNECTION *sc, uint8_t type, const unsigned char *buf,
     if (type == SSL3_RT_HANDSHAKE && ret > 0 && SSL_CONNECTION_IS_DTLS13(sc)) {
         pitem *item;
         unsigned char prio[8];
+        dtls_sent_msg *sent_msg;
+        DTLS1_RECORD_NUMBER *rec_num;
 
         dtls1_get_queue_priority(prio, sc->d1->w_msg.msg_seq, 0);
         item = pqueue_find(sc->d1->sent_messages, prio);
 
         if (item == NULL)
             return ret;
 
-        if (dtls_msg_needs_ack(sc->server, sc->d1->w_msg.msg_type)) {
-            dtls_sent_msg *sent_msg;
-            DTLS1_RECORD_NUMBER *rec_num;
+        sent_msg = (dtls_sent_msg *) item->data;
+        rec_num = dtls1_record_number_new(tmpl.epoch, tmpl.sequence_number);
 
-            sent_msg = (dtls_sent_msg *) item->data;
-            rec_num = dtls1_record_number_new(tmpl.epoch, tmpl.sequence_number);
-
-            if (rec_num == NULL)
-                return -1;
+        if (rec_num == NULL)
+            return -1;
 
-            ossl_list_record_number_insert_tail(&sent_msg->rec_nums, rec_num);
-        }
+        ossl_list_record_number_insert_tail(&sent_msg->rec_nums, rec_num);
     }
 
     return ret;

diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
@@ -801,10 +801,8 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
         }
 
         /* We have moved to the next flight lets clear out old messages */
-        if (direction == OSSL_RECORD_DIRECTION_READ) {
+        if (direction == OSSL_RECORD_DIRECTION_READ)
             dtls1_clear_received_buffer(s);
-            dtls1_acknowledge_sent_buffer(s, dtls1_get_epoch(s, which));
-        }
 
         dtls1_clear_sent_buffer(s, 1);
     }