From 3b0b5abae3183c495dd6f46ad92490236a06a563 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Fri, 21 Sep 2001 11:18:40 +0000 Subject: [PATCH] bugfix: handle HelloRequest received during handshake correctly --- CHANGES | 4 ++++ ssl/s3_both.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/CHANGES b/CHANGES index c69a760683..be6cfb184a 100644 --- a/CHANGES +++ b/CHANGES @@ -12,6 +12,10 @@ *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 +) applies to 0.9.7 only + *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a + client receives HelloRequest while in a handshake. + [Bodo Moeller; bug noticed by Andy Schneider ] + +) New function SSL_renegotiate_pending(). This returns true once renegotiation has been requested (either SSL_renegotiate() call or HelloRequest/ClientHello receveived from the peer) and becomes diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 68ddb143da..21531d5dbe 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -387,7 +387,11 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) * if their format is correct. Does not count for * 'Finished' MAC. */ if (p[1] == 0 && p[2] == 0 &&p[3] == 0) + { + s->init_num = 0; skip_message = 1; + } + } while (skip_message); -- 2.25.1