PR: 2505
authorDr. Stephen Henson <steve@openssl.org>
Wed, 25 May 2011 12:24:43 +0000 (12:24 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 25 May 2011 12:24:43 +0000 (12:24 +0000)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS session resumption timer bug.

ssl/d1_clnt.c

index 255c19d7614ca6041c68bdf9ef46e3236fa815a4..aacfacf4b5f9f19b9a652fafeb9f861967fe2d81 100644 (file)
@@ -407,7 +407,8 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CW_CHANGE_A:
                case SSL3_ST_CW_CHANGE_B:
-                       dtls1_start_timer(s);
+                       if (!s->hit)
+                               dtls1_start_timer(s);
                        ret=dtls1_send_change_cipher_spec(s,
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
@@ -442,7 +443,8 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CW_FINISHED_A:
                case SSL3_ST_CW_FINISHED_B:
-                       dtls1_start_timer(s);
+                       if (!s->hit)
+                               dtls1_start_timer(s);
                        ret=dtls1_send_finished(s,
                                SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
                                s->method->ssl3_enc->client_finished_label,