wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set first_packet for TLS clients

Browse source 
Version negotiation was broken (one of the late changes in the review
process broke it). The problem is that TLS clients do not set first_packet,
whereas TLS/DTLS servers and DTLS clients do. The simple fix is to set
first_packet for TLS clients too.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
This commit is contained in:
Matt Caswell 2015-05-23 21:05:19 +01:00
parent 69567687b0
commit 81fc390fd9
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ssl/s3_clnt.c
View file

@ -947,8 +947,7 @@ int ssl3_get_server_hello(SSL *s)
* Hello verify request and/or server hello version may not match so set
* first packet if we're negotiating version.
*/
if (SSL_IS_DTLS(s))
s->first_packet = 1;
s->first_packet = 1;
n = s->method->ssl_get_message(s,
SSL3_ST_CR_SRVR_HELLO_A,
@ -957,8 +956,8 @@ int ssl3_get_server_hello(SSL *s)
if (!ok)
return ((int)n);
s->first_packet = 0;
if (SSL_IS_DTLS(s)) {
s->first_packet = 0;
if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
if (s->d1->send_cookie == 0) {
s->s3->tmp.reuse_message = 1;