Digest cached records if not sending a certificate.

author Dr. Stephen Henson <steve@openssl.org>

Wed, 6 May 2015 23:04:48 +0000 (00:04 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 6 May 2015 23:37:10 +0000 (00:37 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 6 May 2015 23:04:48 +0000 (00:04 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 6 May 2015 23:37:10 +0000 (00:37 +0100)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c

index ea4503fbcb19725343f8e10ba9633b642605fdff..86b7994ca44bec6ba402bd409a12dade51492911 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3348,6 +3348,11 @@ int ssl3_send_client_certificate(SSL *s)
                  return (1);
              } else {
                  s->s3->tmp.cert_req = 2;
+                if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+                    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+                    s->state = SSL_ST_ERR;
+                    return 0;
+                }
              }
          }
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 6 May 2015 23:04:48 +0000 (00:04 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 6 May 2015 23:37:10 +0000 (00:37 +0100)