Disable session related stuff in SSL_ST_OK case of ssl3_accept if we

just sent a HelloRequest.

diff --git a/CHANGES b/CHANGES
index 583b24acf17521cbc8a5ebf2bef024c8893d781f..c69a760683c2962bedbd0eced1cbdfb637ba8a81 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -30,11 +30,13 @@
 
   *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
      should end in 'break', not 'goto end' which circuments various
-     cleanups.
+     cleanups done in state SSL_ST_OK.   But session related stuff
+     must be disabled for SSL_ST_OK in the case that we just sent a
+     HelloRequest.
 
      Also avoid some overhead by not calling ssl_init_wbio_buffer()
      before just sending a HelloRequest.
-     [Bodo Moeller]
+     [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>]
 
   *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
      reveal whether illegal block cipher padding was found or a MAC

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index eb5c27928b9224fc8b2379c7db7d7a5620e21a98..304f217b047e3bc2e161e4477b2298ad324b5e4d 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -170,6 +170,7 @@ int ssl3_accept(SSL *s)
        long num1;
        int ret= -1;
        int new_state,state,skip=0;
+       int got_new_session=0;
 
        RAND_add(&Time,sizeof(Time),0);
        ERR_clear_error();
@@ -282,6 +283,7 @@ int ssl3_accept(SSL *s)
                        s->shutdown=0;
                        ret=ssl3_get_client_hello(s);
                        if (ret <= 0) goto end;
+                       got_new_session=1;
                        s->state=SSL3_ST_SW_SRVR_HELLO_A;
                        s->init_num=0;
                        break;
@@ -522,20 +524,24 @@ int ssl3_accept(SSL *s)
                        /* remove buffering on output */
                        ssl_free_wbio_buffer(s);
 
-                       if (s->new_session == 2)
-                               s->new_session=0;
-                       /* if s->new_session is still 1, we have only sent a HelloRequest */
                        s->init_num=0;
 
-                       ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
-
-                       s->ctx->stats.sess_accept_good++;
-                       /* s->server=1; */
-                       s->handshake_func=ssl3_accept;
-                       ret=1;
-
-                       if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+                       if (got_new_session) /* skipped if we just sent a HelloRequest */
+                               {
+                               /* actually not necessarily a 'new' session unless
+                                * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
+                               
+                               s->new_session=0;
+                               
+                               ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+                               
+                               s->ctx->stats.sess_accept_good++;
+                               /* s->server=1; */
+                               s->handshake_func=ssl3_accept;
 
+                               if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+                               }
+                       
                        goto end;
                        /* break; */
 
@@ -702,11 +708,6 @@ static int ssl3_get_client_hello(SSL *s)
                        }
                }
 
-       if (s->new_session)
-               /* actually not necessarily a 'new' section unless
-                * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
-               s->new_session = 2;
-
        p+=j;
        n2s(p,i);
        if ((i == 0) && (j != 0))

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 8a8013463ba3024849dc202ccbed25a931de44d0..bae5f70f571c9af3a8a35f1d7df72b421d895aff 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -643,8 +643,7 @@ struct ssl_st
 
        int server;     /* are we the server side? - mostly used by SSL_clear*/
 
-       int new_session;/* 1 if we are to use a new session,
-                        * (sometimes 2 after a new session has in fact been assigned).
+       int new_session;/* 1 if we are to use a new session.
                         * NB: For servers, the 'new' session may actually be a previously
                         * cached session or even the previous session unless
                         * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */