wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make sure we treat records written after HRR as TLSv1.3

Browse source 
This fixes a bug where some CCS records were written with the wrong TLS
record version.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
This commit is contained in:
Matt Caswell 2017-11-30 15:49:08 +00:00
parent 318d3c0e62
commit 758e05c52e
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ssl/ssl_locl.h
View file

@ -326,7 +326,8 @@
(SSL_IS_TLS13(s) || (s)->early_data_state == SSL_EARLY_DATA_CONNECTING \
|| (s)->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY \
|| (s)->early_data_state == SSL_EARLY_DATA_WRITING \
|| (s)->early_data_state == SSL_EARLY_DATA_WRITE_RETRY)
|| (s)->early_data_state == SSL_EARLY_DATA_WRITE_RETRY \
|| (s)->hello_retry_request == SSL_HRR_PENDING)
# define SSL_IS_FIRST_HANDSHAKE(S) ((s)->s3->tmp.finish_md_len == 0 \
|| (s)->s3->tmp.peer_finish_md_len == 0)