break;
case TLS_ST_BEFORE:
+ case TLS_ST_OK:
case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
if (mt == SSL3_MT_CLIENT_HELLO) {
st->hand_state = TLS_ST_SR_CLNT_HELLO;
/* Shouldn't happen */
return WRITE_TRAN_ERROR;
+ case TLS_ST_OK:
+ if (st->request_state == TLS_ST_SW_HELLO_REQ) {
+ /* We must be trying to renegotiate */
+ st->hand_state = TLS_ST_SW_HELLO_REQ;
+ st->request_state = TLS_ST_BEFORE;
+ return WRITE_TRAN_CONTINUE;
+ }
+ /* Must be an incoming ClientHello */
+ if (!tls_setup_handshake(s)) {
+ ossl_statem_set_error(s);
+ return WRITE_TRAN_ERROR;
+ }
+ /* Fall through */
+
case TLS_ST_BEFORE:
/* Just go straight to trying to read from the client */
return WRITE_TRAN_FINISHED;
- case TLS_ST_OK:
- /* We must be trying to renegotiate */
- st->hand_state = TLS_ST_SW_HELLO_REQ;
- return WRITE_TRAN_CONTINUE;
-
case TLS_ST_SW_HELLO_REQ:
st->hand_state = TLS_ST_OK;
ossl_statem_set_in_init(s, 0);
static const unsigned char null_compression = 0;
CLIENTHELLO_MSG clienthello;
+ /* Check if this is actually an unexpected renegotiation ClientHello */
+ if (s->renegotiate == 0 && !SSL_IS_FIRST_HANDSHAKE(s)) {
+ s->renegotiate = 1;
+ s->new_session = 1;
+ }
+
+ /* This is a real handshake so make sure we clean it up at the end */
+ s->statem.cleanuphand = 1;
+
/*
* First, parse the raw ClientHello data into the CLIENTHELLO_MSG structure.
*/
}
}
#endif
- s->renegotiate = 2;
return WORK_FINISHED_STOP;
f_err:
if (SSL_USE_SIGALGS(s)) {
const unsigned int *psigs;
- size_t nl = tls12_get_psigalgs(s, &psigs);
+ size_t nl = tls12_get_psigalgs(s, 1, &psigs);
if (!WPACKET_start_sub_packet_u16(pkt)
|| !tls12_copy_sigalgs(s, pkt, psigs, nl)
sizeof(labelbuffer), NULL, 0,
0) <= 0) {
ossl_statem_set_error(s);
- return WORK_ERROR;;
+ return WORK_ERROR;
}
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
if (!tls_collect_extensions(s, &extensions, EXT_TLS1_3_CERTIFICATE,
&rawexts, &al)
|| !tls_parse_all_extensions(s, EXT_TLS1_3_CERTIFICATE,
- rawexts, x, chainidx, &al))
+ rawexts, x, chainidx, &al)) {
+ OPENSSL_free(rawexts);
goto f_err;
+ }
+ OPENSSL_free(rawexts);
}
if (!sk_X509_push(sk, x)) {
* slightly over allocate because we won't store those. But that isn't a
* problem.
*/
- raw = s->s3->tmp.ciphers_raw = OPENSSL_malloc(numciphers * n);
+ raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN);
+ s->s3->tmp.ciphers_raw = raw;
if (raw == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
goto err;
|| (leadbyte != 0
&& !PACKET_forward(&sslv2ciphers, TLS_CIPHER_LEN))) {
*al = SSL_AD_INTERNAL_ERROR;
- OPENSSL_free(raw);
+ OPENSSL_free(s->s3->tmp.ciphers_raw);
s->s3->tmp.ciphers_raw = NULL;
s->s3->tmp.ciphers_rawlen = 0;
goto err;