[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Tue Nov 10 18:49:52 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via 15a7164eb7d4d031608fcec2801d7f7b11b16923 (commit)
from 822d265cedd98a0dbf48b123a3a24f8528bb5842 (commit)
- Log -----------------------------------------------------------------
commit 15a7164eb7d4d031608fcec2801d7f7b11b16923
Author: Matt Caswell <matt at openssl.org>
Date: Tue Nov 3 15:49:08 2015 +0000
Only call ssl3_init_finished_mac once for DTLS
In DTLS if an IO retry occurs during writing of a fragmented ClientHello
then we can end up resetting the finish mac variables on the retry, which
causes a handshake failure. We should only reset on the first attempt not
on retries.
Thanks to BoringSSL for reporting this issue.
RT#4119
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_clnt.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 3a2038c..3ddfa7b 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -317,13 +317,12 @@ int dtls1_connect(SSL *s)
#endif
case SSL3_ST_CW_CLNT_HELLO_A:
- case SSL3_ST_CW_CLNT_HELLO_B:
-
s->shutdown = 0;
/* every DTLS ClientHello resets Finished MAC */
ssl3_init_finished_mac(s);
+ case SSL3_ST_CW_CLNT_HELLO_B:
dtls1_start_timer(s);
ret = ssl3_client_hello(s);
if (ret <= 0)
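Review bot: the fall-through from `case SSL3_ST_CW_CLNT_HELLO_A:` into the relocated `case SSL3_ST_CW_CLNT_HELLO_B:` label is now what the fix depends on, but nothing marks it as intentional. Add a `/* fall through */` comment after `ssl3_init_finished_mac(s);` so that a later edit does not insert a `break` or move the label back up and reintroduce the reset on retry. The retained comment "every DTLS ClientHello resets Finished MAC" no longer matches the control flow, since entry at the `_B` label skips the reset; reword it to say the reset happens only on the first attempt, as the commit message describes. Note also that `s->shutdown = 0;` is now skipped on `_B` entry along with the MAC reset; the commit message only mentions the Finished MAC, so please confirm that this is intended.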