From f72c1a58cb122bea63b53ba3e35f41d0419c36f9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Bodo=20M=C3=B6ller?= <bodo@openssl.org>
Date: Thu, 13 Oct 2011 13:05:35 +0000
Subject: [PATCH] In ssl3_clear, preserve s3->init_extra along with s3->rbuf.

Submitted by: Bob Buckholz <bbuckholz@google.com>
---
 CHANGES      | 12 ++++++++++--
 ssl/s3_lib.c |  3 +++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 68dd4df746..1dad8806e5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,7 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 1.0.0e and 1.0.1  [xx XXX xxxx]
+ Changes between 1.0.0f and 1.0.1  [xx XXX xxxx]
 
   *) Use type ossl_ssize_t instad of ssize_t which isn't available on
      all platforms. Move ssize_t definition from e_os.h to the public
@@ -224,7 +224,12 @@
        Add command line options to s_client/s_server.
      [Steve Henson]
 
- Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
+ Changes between 1.0.0e and 1.0.0f [xx XXX xxxx]
+
+  *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
+     [Bob Buckholz (Google)]
+
+ Changes between 1.0.0d and 1.0.0e [6 Sep 2011]
 
   *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
      by initialising X509_STORE_CTX properly. (CVE-2011-3207)
@@ -1131,6 +1136,9 @@
   
  Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
 
+  *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
+     [Bob Buckholz (Google)]
+
   *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
      for multi-threaded use of ECDH.
      [Adam Langley (Google)]
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index c82dcc744c..14608a888a 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3000,6 +3000,7 @@ void ssl3_clear(SSL *s)
 	{
 	unsigned char *rp,*wp;
 	size_t rlen, wlen;
+	int init_extra;
 
 #ifdef TLSEXT_TYPE_opaque_prf_input
 	if (s->s3->client_opaque_prf_input != NULL)
@@ -3038,6 +3039,7 @@ void ssl3_clear(SSL *s)
 	wp = s->s3->wbuf.buf;
 	rlen = s->s3->rbuf.len;
  	wlen = s->s3->wbuf.len;
+	init_extra = s->s3->init_extra;
 	if (s->s3->handshake_buffer) {
 		BIO_free(s->s3->handshake_buffer);
 		s->s3->handshake_buffer = NULL;
@@ -3050,6 +3052,7 @@ void ssl3_clear(SSL *s)
 	s->s3->wbuf.buf = wp;
 	s->s3->rbuf.len = rlen;
  	s->s3->wbuf.len = wlen;
+	s->s3->init_extra = init_extra;
 
 	ssl_free_wbio_buffer(s);
 
-- 
2.25.1