*) applies to 0.9.6a ... 0.9.6d and 0.9.7
+) applies to 0.9.7 only
+ *) Fix bug in SSL_clear(): bad sessions were not removed (found by
+ Yoram Zahavi <YoramZ@gilian.com>).
+ [Lutz Jaenicke]
+
+) Add and OPENSSL_LOAD_CONF define which will cause
OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
This allows older applications to transparently support certain
int SSL_clear(SSL *s)
{
- int state;
if (s->method == NULL)
{
}
#endif
- state=s->state; /* Keep to check if we throw away the session-id */
s->type=0;
+ if (ssl_clear_bad_session(s))
+ {
+ SSL_SESSION_free(s->session);
+ s->session=NULL;
+ }
+
s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT);
s->version=s->method->version;
ssl_clear_cipher_ctx(s);
- if (ssl_clear_bad_session(s))
- {
- SSL_SESSION_free(s->session);
- s->session=NULL;
- }
-
s->first_packet=0;
#if 1