Accept CCS after sending finished.
author Dr. Stephen Henson <steve@openssl.org>
Sat, 14 Jun 2014 21:24:08 +0000 (22:24 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 14 Jun 2014 21:31:28 +0000 (22:31 +0100)
Allow CCS after finished has been sent by client: at this point
keys have been correctly set up so it is OK to accept CCS from
server. Without this renegotiation can sometimes fail.

PR#3400
(cherry picked from commit 99cd6a91fcb0931feaebbb4832681d40a66fad41)

ssl/s3_clnt.c

index 9cae0d15e6fb269fc22a27c07b94e1b450dd2912..29f24f142bbf4baa7a4d305b704293cb5ca687bc 100644 (file)
@@ -543,6 +543,7 @@ int ssl3_connect(SSL *s)
                                s->method->ssl3_enc->client_finished_label,
                                s->method->ssl3_enc->client_finished_label_len);
                        if (ret <= 0) goto end;
+                       s->s3->flags |= SSL3_FLAGS_CCS_OK;
                        s->state=SSL3_ST_CW_FLUSH;
 
                        /* clear flags */
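
Review bot: the added `s->s3->flags |= SSL3_FLAGS_CCS_OK;` after the `if (ret <= 0) goto end;` check carries no comment explaining why ChangeCipherSpec becomes acceptable at this point; the reasoning (keys are already set up once the client Finished has been sent) exists only in the commit message. Suggest a one-line comment above the assignment stating that. Because this flag widens the window in which a CCS from the server is accepted, the change should also make it obvious where the flag is cleared again. The hunk does not show that, and the `/* clear flags */` block that follows immediately should be checked to confirm it neither undoes this setting before the server's CCS arrives nor leaves it set longer than the handshake needs.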