author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-06-22 11:49:27 +0200 |
---|---|---|
committer | Edward Welbourne <edward.welbourne@qt.io> | 2018-07-05 13:39:46 +0000 |
commit | 5bd9f983421cdf21f0abb47f957adf9cfd30d966 (patch) | |
tree | ae74525e680577913d2a299300c7c41a0e6bb475 /src/network | |
parent | 2afa6e5f947e2d497e9c46bbe23c062b622cee64 (diff) |
QDtls - handle server-side timeouts
According to RFC 6347 a DTLS server must also retransmit buffered message(s)
if timeouts happen during the handshake phase (so retransmission is not
client-only, as I initially understood it).
Conveniently, an auto-test is already in place and needs just a tiny
adjustment - handshakeWithRetransmission covers both sides.
Change-Id: If914ec3052e28ef5bf12a40e5eede45bbc53e8e0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/ssl/qdtls.cpp | 6 | ||||
-rw-r--r-- | src/network/ssl/qdtls_openssl.cpp | 19 |
2 files changed, 9 insertions, 16 deletions
diff --git a/src/network/ssl/qdtls.cpp b/src/network/ssl/qdtls.cpp
index 0f46f7f73e..0b31da3d74 100644
--- a/src/network/ssl/qdtls.cpp
+++ b/src/network/ssl/qdtls.cpp
@@ -398,12 +398,6 @@ bool QDtls::handleTimeout(QUdpSocket *socket)
 return false;
 }
 
- if (sslMode() == QSslSocket::SslServerMode) {
- d->setDtlsError(QDtlsError::InvalidOperation,
- tr("DTLS server connection does not have/handle timeouts"));
- return false;
- }
-
 return d->handleTimeout(socket);
 }
 
diff --git a/src/network/ssl/qdtls_openssl.cpp b/src/network/ssl/qdtls_openssl.cpp
index cba8e210cc..90457c3724 100644
--- a/src/network/ssl/qdtls_openssl.cpp
+++ b/src/network/ssl/qdtls_openssl.cpp
@@ -1020,17 +1020,16 @@ bool QDtlsPrivateOpenSSL::continueHandshake(QUdpSocket *socket, const QByteArray
 // SSL_get_state can provide more information about state
 // machine and we can switch to NotStarted (since we have not
 // replied with our hello ...)
- if (mode == QSslSocket::SslClientMode) {
- if (!timeoutHandler.data()) {
- timeoutHandler.reset(new TimeoutHandler);
- timeoutHandler->dtlsConnection = this;
- } else {
- // Back to 1s.
- timeoutHandler->resetTimeout();
- }
-
- timeoutHandler->start();
+ if (!timeoutHandler.data()) {
+ timeoutHandler.reset(new TimeoutHandler);
+ timeoutHandler->dtlsConnection = this;
+ } else {
+ // Back to 1s.
+ timeoutHandler->resetTimeout();
 }
+
+ timeoutHandler->start();
+
 return true; // The handshake is not yet complete.
 default:
 storePeerCertificates(); |
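Review bot: With the `mode == QSslSocket::SslClientMode` guard gone, the `timeoutHandler` block in `continueHandshake` now arms a retransmission timer for every server-side handshake that is still incomplete, and nothing in the hunk shows that the peer's address was verified first. RFC 6347 section 4.2.1 expects a server to hold no handshake state until the cookie exchange has succeeded; if this path can run for an unverified peer, each spoofed ClientHello would cost a `TimeoutHandler` and repeated datagrams sent to the spoofed address. That precondition is presumably enforced elsewhere (for example by running QDtlsClientVerifier before the QDtls object is created), so I would state it next to the timer: `// Server side too (RFC 6347, 4.2.4); the peer address must already be cookie-verified (RFC 6347, 4.2.1).` The body of `continueHandshake` starts and ends outside this hunk, so how the timer is stopped once the handshake completes or fails is not visible here and is worth confirming.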