[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Sun May 24 22:57:55 UTC 2015


The branch master has been updated
       via  81fc390fd96ad9fae21cda919513fb696cd24028 (commit)
      from  69567687b0b7ed67831c17a010f4d46dfd059aef (commit)


- Log -----------------------------------------------------------------
commit 81fc390fd96ad9fae21cda919513fb696cd24028
Author: Matt Caswell <matt at openssl.org>
Date:   Sat May 23 21:05:19 2015 +0100

    Set first_packet for TLS clients
    
    Version negotiation was broken (one of the late changes in the review
    process broke it). The problem is that TLS clients do not set first_packet,
    whereas TLS/DTLS servers and DTLS clients do. The simple fix is to set
    first_packet for TLS clients too.
    
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_clnt.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index ace0838..f70dce4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -947,8 +947,7 @@ int ssl3_get_server_hello(SSL *s)
      * Hello verify request and/or server hello version may not match so set
      * first packet if we're negotiating version.
      */
-    if (SSL_IS_DTLS(s))
-        s->first_packet = 1;
+    s->first_packet = 1;
 
     n = s->method->ssl_get_message(s,
                                    SSL3_ST_CR_SRVR_HELLO_A,
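Review bot: The comment above `s->first_packet = 1;` still says "set first packet if we're negotiating version", which matched the old conditional assignment but not the new unconditional one, and "Hello verify request" only applies to DTLS. Suggest rewording it to say that the flag is set for all clients, TLS included, because the server hello version may not match, so the reason for dropping the `SSL_IS_DTLS(s)` check is recorded in the code and not only in the commit message.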
@@ -957,8 +956,8 @@ int ssl3_get_server_hello(SSL *s)
     if (!ok)
         return ((int)n);
 
+    s->first_packet = 0;
     if (SSL_IS_DTLS(s)) {
-        s->first_packet = 0;
         if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
             if (s->d1->send_cookie == 0) {
                 s->s3->tmp.reuse_message = 1;
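Review bot: The reset `s->first_packet = 0;` sits after the `if (!ok) return ((int)n);` early exit, so on that path the flag stays at 1, and with this change that now holds for TLS connections as well as DTLS. If leaving it set on the `!ok` return is intended, a one-line comment saying so would help the next reader; otherwise clear it before the return. Since the commit message says version negotiation was broken by a late change, a regression test covering a TLS client handshake would also be worth adding alongside this fix, as the change touches only ssl/s3_clnt.c.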

