Digest cached records if not sending a certificate.
[openssl.git] / ssl / s3_clnt.c
index ea4503fbcb19725343f8e10ba9633b642605fdff..86b7994ca44bec6ba402bd409a12dade51492911 100644 (file)
@@ -3348,6 +3348,11 @@ int ssl3_send_client_certificate(SSL *s)
                 return (1);
             } else {
                 s->s3->tmp.cert_req = 2;
+                if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+                    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+                    s->state = SSL_ST_ERR;
+                    return 0;
+                }
             }
         }