Commit 808d1601 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix interaction between SSL_stateless() and SSL_clear() 



Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4435)
parent c7b8ff25

ssl/ssl_lib.c

+1 −0
Original line number Diff line number Diff line
@@ -590,6 +590,7 @@ int SSL_clear(SSL *s) 
    OPENSSL_free(s->psksession_id);

    s->psksession_id = NULL;

    s->psksession_id_len = 0;

    s->hello_retry_request = 0;



    s->error = 0;

    s->hit = 0;

ssl/statem/statem.c

+5 −1
Original line number Diff line number Diff line
@@ -311,7 +311,11 @@ static int state_machine(SSL *s, int server) 


    st->in_handshake++;

    if (!SSL_in_init(s) || SSL_in_before(s)) {

        if (!SSL_clear(s))

        /*

         * If we are stateless then we already called SSL_clear() - don't do

         * it again and clear the STATELESS flag itself.

         */

        if ((s->s3->flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear(s))

            return -1;

    }

#ifndef OPENSSL_NO_SCTP