Commit a06cd5d0 authored Nov 19, 2014 by Emilia Kasper

Reset s->tlsext_ticket_expected in ssl_scan_serverhello_tlsext.


This ensures that it's zeroed even if the SSL object is reused
(as in ssltest.c). It also ensures that it applies to DTLS, too.

Reviewed-by: Matt Caswell <matt@openssl.org>

parent 13d56866

ssl/s3_clnt.c

+0 −8

Original line number	Diff line number	Diff line
		@@ -226,14 +226,6 @@ int ssl3_connect(SSL *s)
		s->renegotiate=1;
		s->state=SSL_ST_CONNECT;
		s->ctx->stats.sess_connect_renegotiate++;
		#ifndef OPENSSL_NO_TLSEXT
		/*
		* If renegotiating, the server may choose to not issue
		* a new ticket, so reset the flag. It will be set to
		* the right value when parsing ServerHello extensions.
		*/
		s->tlsext_ticket_expected = 0;
		#endif
		/* break */
		case SSL_ST_BEFORE:
		case SSL_ST_CONNECT:

ssl/t1_lib.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -2504,6 +2504,7 @@ static int ssl_scan_serverhello_tlsext(SSL s, unsigned char *p, unsigned char
		#ifndef OPENSSL_NO_NEXTPROTONEG
		s->s3->next_proto_neg_seen = 0;
		#endif
		s->tlsext_ticket_expected = 0;

		if (s->s3->alpn_selected)
		{