[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Tue Nov 29 10:06:44 UTC 2016
The branch OpenSSL_1_1_0-stable has been updated
via 9fa506681c842bf9b27ddf4ea8579c4695be3bfa (commit)
from cbc8a839959418d8a2c2e3ec6bdf394852c9501e (commit)
- Log -----------------------------------------------------------------
commit 9fa506681c842bf9b27ddf4ea8579c4695be3bfa
Author: Matt Caswell <matt at openssl.org>
Date: Wed Nov 23 23:03:13 2016 +0000
Ensure we are in accept state in DTLSv1_listen
Calling SSL_set_accept_state() after DTLSv1_listen() clears the state, so
SSL_accept() no longer works. In 1.0.2 calling DTLSv1_listen() would set
the accept state automatically. We should still do that.
Fixes #1989
Reviewed-by: Andy Polyakov <appro at openssl.org>
(cherry picked from commit 5bdcd362d24cbbcf18c5eb9df655fe9f7bcf5850)
-----------------------------------------------------------------------
Summary of changes:
ssl/d1_lib.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 0ada7ed..55a81c3 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -441,6 +441,11 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
BIO_ADDR *tmpclient = NULL;
PACKET pkt, msgpkt, msgpayload, session, cookiepkt;
+ if (s->handshake_func == NULL) {
+ /* Not properly initialized yet */
+ SSL_set_accept_state(s);
+ }
+
/* Ensure there is no state left over from a previous invocation */
if (!SSL_clear(s))
return -1;
More information about the openssl-commits
mailing list