Fix the SSL_stateless() return code
authorMatt Caswell <matt@openssl.org>
Thu, 28 Sep 2017 12:24:58 +0000 (13:24 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 24 Jan 2018 18:02:36 +0000 (18:02 +0000)
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)

ssl/ssl_lib.c

index 1daa348f9ca341ecfa0fd7041865af882afde0d6..f68031e57167d8dc295ac9b7dfdbbb611d5a923c 100644 (file)
@@ -5303,7 +5303,7 @@ int SSL_stateless(SSL *s)
 
     /* Ensure there is no state left over from a previous invocation */
     if (!SSL_clear(s))
-        return -1;
+        return 0;
 
     ERR_clear_error();
 
@@ -5311,8 +5311,8 @@ int SSL_stateless(SSL *s)
     ret = SSL_accept(s);
     s->s3->flags &= ~TLS1_FLAGS_STATELESS;
 
-    if (s->ext.cookieok)
+    if (ret > 0 && s->ext.cookieok)
         return 1;
 
-    return ret;
+    return 0;
 }