Commit 44959ee4 authored by Dr. Stephen Henson

PR: 1833

Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Support for abbreviated handshakes when renegotiating.
parent c94f7f65
+4 −0
@@ -107,6 +107,10 @@
  
 Changes between 1.0.0a and 1.0.1  [xx XXX xxxx]

  *) Permit abbreviated handshakes when renegotiating using the function
     SSL_renegotiate_abbreviated().
     [Robin Seggelmann <seggelmann@fh-muenster.de>]

  *) Add call to ENGINE_register_all_complete() to
     ENGINE_load_builtin_engines(), so some implementations get used
     automatically instead of needing explicit application support.
+2 −1
@@ -171,7 +171,7 @@ int dtls1_connect(SSL *s)
		switch(s->state)
			{
		case SSL_ST_RENEGOTIATE:
			s->new_session=1;
			s->renegotiate=1;
			s->state=SSL_ST_CONNECT;
			s->ctx->stats.sess_connect_renegotiate++;
			/* break */
@@ -539,6 +539,7 @@ int dtls1_connect(SSL *s)
			/* else do it later in ssl3_write */

			s->init_num=0;
			s->renegotiate=0;
			s->new_session=0;

			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
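Review bot: The `SSL_ST_RENEGOTIATE` case now sets only `s->renegotiate=1`, and nothing at that line says who is responsible for `s->new_session` any more; the same applies to the matching case in the ssl3_connect section further down. From these hunks it appears that whoever requested the renegotiation must have set `new_session` beforehand when a full handshake is required, so a comment such as `/* new_session is set by the requester of the renegotiation; if it is 0 the current session may be resumed */` would make the contract explicit. This matters because a resumed handshake reuses the existing master secret and does not repeat the certificate exchange, so code that renegotiates in order to re-authenticate the peer has to stay on the full path. dtls1_connect's body starts and ends outside both hunks, so whether its error exits also clear `s->renegotiate` cannot be checked from here.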
+2 −0
@@ -957,6 +957,7 @@ start:
			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
			!s->s3->renegotiate)
			{
			s->new_session = 1;
			ssl3_renegotiate(s);
			if (ssl3_renegotiate_check(s))
				{
@@ -1163,6 +1164,7 @@ start:
#else
			s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
#endif
			s->renegotiate=1;
			s->new_session=1;
			}
		i=s->handshake_func(s);
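Review bot: The two renegotiation entry points in this file set the flags differently: the first hunk has `s->new_session = 1` before `ssl3_renegotiate(s)` without touching `s->renegotiate`, while the second has both `s->renegotiate=1` and `s->new_session=1`. If the first path relies on the `SSL_ST_RENEGOTIATE` case of the handshake function to set `renegotiate`, that deserves a comment, for example `/* peer-initiated: force a full handshake; renegotiate is set in SSL_ST_RENEGOTIATE */`. Both paths appear to be reached from the read side in response to the peer. Keeping `new_session` at 1 there looks like what prevents a remote party from steering the connection into an abbreviated renegotiation, so that invariant is worth stating next to the assignments. The enclosing function starts and ends outside both hunks.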
+4 −3
@@ -177,7 +177,7 @@ int dtls1_accept(SSL *s)
		switch (s->state)
			{
		case SSL_ST_RENEGOTIATE:
			s->new_session=1;
			s->renegotiate=1;
			/* s->state=SSL_ST_ACCEPT; */

		case SSL_ST_BEFORE:
@@ -299,7 +299,7 @@ int dtls1_accept(SSL *s)
			
		case SSL3_ST_SW_SRVR_HELLO_A:
		case SSL3_ST_SW_SRVR_HELLO_B:
			s->new_session = 2;
			s->renegotiate = 2;
			dtls1_start_timer(s);
			ret=dtls1_send_server_hello(s);
			if (ret <= 0) goto end;
@@ -620,11 +620,12 @@ int dtls1_accept(SSL *s)

			s->init_num=0;

			if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
			if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */
				{
				/* actually not necessarily a 'new' session unless
				 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
				
				s->renegotiate=0;
				s->new_session=0;
				
				ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
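Review bot: `s->renegotiate` takes the bare values 1 (in `SSL_ST_RENEGOTIATE`) and 2 (in the `SSL3_ST_SW_SRVR_HELLO_A/B` case), and the test `if (s->renegotiate == 2)` depends on that distinction with only the HelloRequest remark to explain it. Named constants or a short comment at the assignment, e.g. `s->renegotiate = 2; /* past HelloRequest: a real handshake is in progress */`, would make the state machine easier to audit. The retained comment about `SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION` now sits under a condition on `renegotiate` rather than `new_session`, so it should say which of the two fields that option is meant to influence. dtls1_accept's body continues outside all three hunks.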
+2 −1
@@ -207,7 +207,7 @@ int ssl3_connect(SSL *s)
		switch(s->state)
			{
		case SSL_ST_RENEGOTIATE:
			s->new_session=1;
			s->renegotiate=1;
			s->state=SSL_ST_CONNECT;
			s->ctx->stats.sess_connect_renegotiate++;
			/* break */
@@ -563,6 +563,7 @@ int ssl3_connect(SSL *s)
			/* else do it later in ssl3_write */

			s->init_num=0;
			s->renegotiate=0;
			s->new_session=0;

			ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);