Commit 3b77f017 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Accept CCS after sending finished. 

Allow CCS after finished has been sent by client: at this point
keys have been correctly set up so it is OK to accept CCS from
server. Without this renegotiation can sometimes fail.

PR#3400
parent ce00c64d

ssl/s3_clnt.c

+1 −0
Original line number Diff line number Diff line
@@ -550,6 +550,7 @@ int ssl3_connect(SSL *s) 
				s->method->ssl3_enc->client_finished_label,

				s->method->ssl3_enc->client_finished_label_len);

			if (ret <= 0) goto end;

			s->s3->flags |= SSL3_FLAGS_CCS_OK;

			s->state=SSL3_ST_CW_FLUSH;



			/* clear flags */