[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Thu Mar 30 15:19:57 UTC 2017
The branch master has been updated
via 12557a3445acc2f53321a3806f0478b998edb9a8 (commit)
from 9b5c865df0626d85065eacff714f20e2c721ca56 (commit)
- Log -----------------------------------------------------------------
commit 12557a3445acc2f53321a3806f0478b998edb9a8
Author: Matt Caswell <matt at openssl.org>
Date: Thu Mar 30 16:06:29 2017 +0100
Fix s_client early data indicator
s_client was always saying that early_data was rejected even when it was
accepted. This was because it was using the wrong test to detect the end
of the handshake. It was using SSL_in_init() which only tells you whether
it is currently processing/sending/expecting handshake messages. It should
use SSL_is_init_finished() which tells you that no handshake messages are
being processed/sent/expected AND we have completed the handshake. In the
early data case we are not processing/sending handshake messages and we
are expecting early data (not a handshake message) - but the handshake has
not yet completed.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3090)
-----------------------------------------------------------------------
Summary of changes:
apps/s_client.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/apps/s_client.c b/apps/s_client.c
index 67e9a92..fc18da2 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2403,7 +2403,7 @@ int s_client_main(int argc, char **argv)
else
timeoutp = NULL;
- if (SSL_in_init(con) && !SSL_total_renegotiations(con)
+ if (!SSL_is_init_finished(con) && SSL_total_renegotiations(con) == 0
&& SSL_get_key_update_type(con) == SSL_KEY_UPDATE_NONE) {
in_init = 1;
tty_on = 0;
More information about the openssl-commits
mailing list