Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within one of the SSL handshake functions.
parent
9ccadf1c6f
commit
38b3e9edde
8 changed files with 12 additions and 7 deletions
5
CHANGES
5
CHANGES
|
@ -4,6 +4,11 @@
|
|||
|
||||
Changes between 0.9.6b and 0.9.6c [XX xxx XXXX]
|
||||
|
||||
*) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
|
||||
never resets s->method to s->ctx->method when called from within
|
||||
one of the SSL handshake functions.
|
||||
[Bodo Moeller; problem pointed out by Niko Baric]
|
||||
|
||||
*) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
|
||||
(sent using the client's version number) if client_version is
|
||||
smaller than the protocol version in use. Also change
|
||||
|
|
|
@ -113,8 +113,8 @@ int ssl23_connect(SSL *s)
|
|||
else if (s->ctx->info_callback != NULL)
|
||||
cb=s->ctx->info_callback;
|
||||
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
s->in_handshake++;
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
|
||||
for (;;)
|
||||
{
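Review bot: The result of `SSL_clear(s)` is still discarded on the re-ordered line in ssl23_connect, although the ssl_lib.c hunk header shows SSL_clear is declared `int`. If it reports failure with 0, as its documented contract says, the handshake loop would run on an SSL object that was only partly reset. The same unchecked call sits in ssl23_accept, ssl2_connect, ssl2_accept, ssl3_connect and ssl3_accept. The guard could become `if ((!SSL_in_init(s) || SSL_in_before(s)) && !SSL_clear(s))`, followed by the function's error exit, which must also undo the `s->in_handshake++` above it. The function body continues outside the hunk, so that exit path is not visible here.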
|
||||
|
|
|
@ -165,8 +165,8 @@ int ssl23_accept(SSL *s)
|
|||
else if (s->ctx->info_callback != NULL)
|
||||
cb=s->ctx->info_callback;
|
||||
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
s->in_handshake++;
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
|
||||
for (;;)
|
||||
{
|
||||
|
|
|
@ -118,8 +118,8 @@ int ssl2_connect(SSL *s)
|
|||
cb=s->ctx->info_callback;
|
||||
|
||||
/* init things to blank */
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
s->in_handshake++;
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
|
||||
for (;;)
|
||||
{
|
||||
|
|
|
@ -119,8 +119,8 @@ int ssl2_accept(SSL *s)
|
|||
cb=s->ctx->info_callback;
|
||||
|
||||
/* init things to blank */
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
s->in_handshake++;
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
|
||||
if (s->cert == NULL)
|
||||
{
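Review bot: With `s->in_handshake++` now gating SSL_clear, an unbalanced counter has a lasting effect, and in ssl2_accept the very next statement is an `if (s->cert == NULL)` block whose body lies outside the hunk. If that block returns without `s->in_handshake--;`, the counter stays non-zero after the call and the new `!s->in_handshake` test in SSL_clear would skip the method reset on every later SSL_clear for this object. ssl3_accept has the same shape right after its re-ordered lines. Worth confirming that every early exit in both functions decrements the counter, and adding `s->in_handshake--;` before any return that does not.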
|
||||
|
|
|
@ -119,8 +119,8 @@ int ssl3_connect(SSL *s)
|
|||
else if (s->ctx->info_callback != NULL)
|
||||
cb=s->ctx->info_callback;
|
||||
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
s->in_handshake++;
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
|
||||
for (;;)
|
||||
{
|
||||
|
|
|
@ -179,8 +179,8 @@ int ssl3_accept(SSL *s)
|
|||
cb=s->ctx->info_callback;
|
||||
|
||||
/* init things to blank */
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
s->in_handshake++;
|
||||
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
|
||||
|
||||
if (s->cert == NULL)
|
||||
{
|
||||
|
|
|
@ -142,7 +142,7 @@ int SSL_clear(SSL *s)
|
|||
#if 1
|
||||
/* Check to see if we were changed into a different method, if
|
||||
* so, revert back if we are not doing session-id reuse. */
|
||||
if ((s->session == NULL) && (s->method != s->ctx->method))
|
||||
if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
|
||||
{
|
||||
s->method->ssl_free(s);
|
||||
s->method=s->ctx->method;
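Review bot: The comment above the changed condition in SSL_clear is now stale. It still says the method is reverted whenever session-id reuse is not in play, but the new test also skips the revert while `s->in_handshake` is non-zero. I would extend its last line to `* so, revert back if we are not doing session-id reuse and are not being called from within a handshake function (s->in_handshake != 0). */`. It is also worth stating there that callers must increment `s->in_handshake` before calling SSL_clear, since the six handshake hunks depend on that ordering and nothing at the call sites says so. The `if` block continues past the end of the hunk.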
|
||||
|
|