X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=14b2f13ae2e9d271f740bbdb10e3a8647894d3b8;hp=4ccc70b061bc9a545dbfae6f0e0fdca672ecaa13;hb=e74e9c48de63992a4c32784e5064addf7630e30a;hpb=304d90425f88129911ec256fd840265fda97e9f1

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 4ccc70b061..14b2f13ae2 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -129,7 +129,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_RSA_NULL_MD5,
 	SSL3_CK_RSA_NULL_MD5,
 	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -142,7 +142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_RSA_NULL_SHA,
 	SSL3_CK_RSA_NULL_SHA,
 	SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -490,7 +490,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_FZA_DMS_NULL_SHA,
 	SSL3_CK_FZA_DMS_NULL_SHA,
 	SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -504,7 +504,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	SSL3_TXT_FZA_DMS_FZA_SHA,
 	SSL3_CK_FZA_DMS_FZA_SHA,
 	SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
-	SSL_NOT_EXP,
+	SSL_NOT_EXP|SSL_STRONG_NONE,
 	0,
 	0,
 	0,
@@ -994,6 +994,7 @@ void ssl3_free(SSL *s)
 void ssl3_clear(SSL *s)
 	{
 	unsigned char *rp,*wp;
+	size_t rlen, wlen;
 
 	ssl3_cleanup_key_block(s);
 	if (s->s3->tmp.ca_names != NULL)
@@ -1009,15 +1010,19 @@ void ssl3_clear(SSL *s)
 		DH_free(s->s3->tmp.dh);
 #endif
 
-	rp=s->s3->rbuf.buf;
-	wp=s->s3->wbuf.buf;
+	rp = s->s3->rbuf.buf;
+	wp = s->s3->wbuf.buf;
+	rlen = s->s3->rbuf.len;
+ 	wlen = s->s3->wbuf.len;
 
 	EVP_MD_CTX_cleanup(&s->s3->finish_dgst1);
 	EVP_MD_CTX_cleanup(&s->s3->finish_dgst2);
 
 	memset(s->s3,0,sizeof *s->s3);
-	if (rp != NULL) s->s3->rbuf.buf=rp;
-	if (wp != NULL) s->s3->wbuf.buf=wp;
+	s->s3->rbuf.buf = rp;
+	s->s3->wbuf.buf = wp;
+	s->s3->rbuf.len = rlen;
+ 	s->s3->wbuf.len = wlen;
 
 	ssl_free_wbio_buffer(s);
 
@@ -1609,13 +1614,12 @@ static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
 	s->s3->in_read_app_data=1;
 	ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
-	if ((ret == -1) && (s->s3->in_read_app_data == 0))
+	if ((ret == -1) && (s->s3->in_read_app_data == 2))
 		{
 		/* ssl3_read_bytes decided to call s->handshake_func, which
 		 * called ssl3_read_bytes to read handshake data.
 		 * However, ssl3_read_bytes actually found application data
-		 * and thinks that application data makes sense here (signalled
-		 * by resetting 'in_read_app_data', strangely); so disable
+		 * and thinks that application data makes sense here; so disable
 		 * handshake processing and try to read application data again. */
 		s->in_handshake++;
 		ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);