From: Matt Caswell <matt@openssl.org>
Date: Wed, 23 Nov 2016 23:03:13 +0000 (+0000)
Subject: Ensure we are in accept state in DTLSv1_listen
X-Git-Tag: OpenSSL_1_1_0d~101
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=9fa506681c842bf9b27ddf4ea8579c4695be3bfa;p=oweals%2Fopenssl.git

Ensure we are in accept state in DTLSv1_listen

Calling SSL_set_accept_state() after DTLSv1_listen() clears the state, so
SSL_accept() no longer works. In 1.0.2 calling DTLSv1_listen() would set
the accept state automatically. We should still do that.

Fixes #1989

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 5bdcd362d24cbbcf18c5eb9df655fe9f7bcf5850)
---

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 0ada7edf77..55a81c34ba 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -441,6 +441,11 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
     BIO_ADDR *tmpclient = NULL;
     PACKET pkt, msgpkt, msgpayload, session, cookiepkt;
 
+    if (s->handshake_func == NULL) {
+        /* Not properly initialized yet */
+        SSL_set_accept_state(s);
+    }
+
     /* Ensure there is no state left over from a previous invocation */
     if (!SSL_clear(s))
         return -1;