[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Wed Aug 26 09:32:09 UTC 2015
The branch OpenSSL_1_0_1-stable has been updated
via be8b8603d6789c1dcb058f167c8b54e3f4b928c9 (commit)
from 86de216da3ebea7f876a096e258cf4c9d219bc0a (commit)
- Log -----------------------------------------------------------------
commit be8b8603d6789c1dcb058f167c8b54e3f4b928c9
Author: Matt Caswell <matt at openssl.org>
Date: Thu Aug 13 10:06:30 2015 +0100
Fix DTLS session ticket renewal
A DTLS client will abort a handshake if the server attempts to renew the
session ticket. This is caused by a state machine discrepancy between DTLS
and TLS discovered during the state machine rewrite work.
The bug can be demonstrated as follows:
Start a DTLS s_server instance:
openssl s_server -dtls
Start a client and obtain a session but no ticket:
openssl s_client -dtls -sess_out session.pem -no_ticket
Now start a client reusing the session, but allow a ticket:
openssl s_client -dtls -sess_in session.pem
The client will abort the handshake.
Reviewed-by: Tim Hudson <tjh at openssl.org>
(cherry picked from commit ee4ffd6fccd169775ba74afb1dbfecff48ee413d)
Conflicts:
ssl/d1_clnt.c
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_clnt.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index a9c4ed0..20ed02c 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -366,6 +366,10 @@ int dtls1_connect(SSL *s)
#endif
s->state = SSL3_ST_CR_FINISHED_A;
+ if (s->tlsext_ticket_expected) {
+ /* receive renewed session ticket */
+ s->state = SSL3_ST_CR_SESSION_TICKET_A;
+ }
} else
s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
}
More information about the openssl-commits
mailing list