[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Tue Jan 10 12:37:27 UTC 2017

The branch master has been updated
       via  290a0419f0c13a30fb3a1d1a279125c8aeafd17e (commit)
      from  f61c5ca6ca183bf0a51651857e3efb02a98889ad (commit)

- Log -----------------------------------------------------------------
commit 290a0419f0c13a30fb3a1d1a279125c8aeafd17e
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jan 9 17:29:44 2017 +0000

    Mark a HelloRequest record as read if we ignore it
    Otherwise the client will try to process it again. The second time around
    it will try and move the record data into handshake fragment storage and
    realise that there is no data left. At that point it marks it as read
    anyway. However, it is a bug that we go around the loop a second time, so
    we prevent that.
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/2200)


Summary of changes:
 ssl/record/rec_layer_s3.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 93b7d05..486da64 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1430,7 +1430,12 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
                         return -1;
+            } else {
+                SSL3_RECORD_set_read(rr);
+        } else {
+            /* Does this ever happen? */
+            SSL3_RECORD_set_read(rr);
          * we either finished a handshake or ignored the request, now try

More information about the openssl-commits mailing list