Do not discard cached handshake records during resumed sessions:

they are used for mac computation.

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 8a4faa66fae63094c5d663bf066fed58e4736eaf..4ffc2fcf39fcbac79a4246baebed35e1c3490279 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1067,7 +1067,6 @@ int ssl3_get_client_hello(SSL *s)
                        goto f_err;
                        }
                s->s3->tmp.new_cipher=c;
-               ssl3_digest_cached_records(s);
                }
        else
                {
@@ -1098,10 +1097,9 @@ int ssl3_get_client_hello(SSL *s)
                else
 #endif
                s->s3->tmp.new_cipher=s->session->cipher;
-               /* Clear cached handshake records */
-               BIO_free(s->s3->handshake_buffer);
-               s->s3->handshake_buffer = NULL;
                }
+
+       ssl3_digest_cached_records(s);
        
        /* we now have the following setup. 
         * client_random