Commit 2260ad21 authored by Bodo Möller's avatar Bodo Möller
Browse files

Bugfix: correct cleanup after sending a HelloRequest

parent 6b0e9fac

CHANGES

+7 −4
Original line number Diff line number Diff line
@@ -28,10 +28,13 @@ 
     session resumption is possible only in the first handshake.

     [Bodo Moeller]



  *) Fix ssl3_accept (ssl/s3_srvr.c): Do not call ssl_init_wbio_buffer()

     when just sending a HelloRequest as this could interfere with

     application data writes (and is totally unnecessary).

     [Bodo Moeller; bug pointed out by Eric Rescorla <ekr@rtfm.com>]

  *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C

     should end in 'break', not 'goto end' which circuments various

     cleanups.



     Also avoid some overhead by not calling ssl_init_wbio_buffer()

     before just sending a HelloRequest.

     [Bodo Moeller]



  *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't

     reveal whether illegal block cipher padding was found or a MAC

ssl/s3_srvr.c

+1 −3
Original line number Diff line number Diff line
@@ -273,9 +273,7 @@ int ssl3_accept(SSL *s) 


		case SSL3_ST_SW_HELLO_REQ_C:

			s->state=SSL_ST_OK;

			ret=1;

			goto end;

			/* break; */

			break;



		case SSL3_ST_SR_CLNT_HELLO_A:

		case SSL3_ST_SR_CLNT_HELLO_B: