From: Richard Levitte Date: Fri, 28 Nov 2014 19:40:10 +0000 (+0100) Subject: [PR3597] Advance to the next state variant when reusing messages. X-Git-Tag: OpenSSL_1_0_0p~44 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d93112abc600066b636859bea55ba55701441452;p=oweals%2Fopenssl.git [PR3597] Advance to the next state variant when reusing messages. Previously, state variant was not advanced, which resulted in state being stuck in the st1 variant (usually "_A"). This broke certificate callback retry logic when accepting connections that were using SSLv2 ClientHello (hence reusing the message), because their state never advanced to SSL3_ST_SR_CLNT_HELLO_C variant required for the retry code path. Reported by Yichun Zhang (agentzh). Signed-off-by: Piotr Sikora Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell --- diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 4801dbfb85..a920593966 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -408,6 +408,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) goto f_err; } *ok=1; + s->state = stn; s->init_msg = s->init_buf->data + 4; s->init_num = (int)s->s3->tmp.message_size; return s->init_num;