diff options
| author |   miod <miod@openbsd.org> | 2014-07-11 13:21:15 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-07-11 13:21:15 +0000 |
| commit | 1b6fae80bfe9b25c39437e29e6117b1cca3ca2fd (patch) | |
| tree | b47c588c5c2b9c0db725b9653e00cb61bf5a66de /lib/libssl/src/ssl | |
| parent | take the directories specified by BSD.local.dist, and add them into (diff) | |
| download | wireguard-openbsd-1b6fae80bfe9b25c39437e29e6117b1cca3ca2fd.tar.xz wireguard-openbsd-1b6fae80bfe9b25c39437e29e6117b1cca3ca2fd.zip | |
Accept CCS again after `finished' has been sent by the client; at this point
keys have been correctly set up so it is ok to accept CCS from the server.
Without renegotiation can sometimes fail.
OpenSSL PR #3400 via OpenSSL trunk.
Diffstat (limited to 'lib/libssl/src/ssl')
| -rw-r--r-- | lib/libssl/src/ssl/s3_clnt.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c index b70719f75a3..017aaaecba1 100644 --- a/lib/libssl/src/ssl/s3_clnt.c +++ b/lib/libssl/src/ssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.75 2014/07/11 09:24:44 beck Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.76 2014/07/11 13:21:15 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -497,12 +497,13 @@ ssl3_connect(SSL *s) case SSL3_ST_CW_FINISHED_A: case SSL3_ST_CW_FINISHED_B: - ret = ssl3_send_finished(s, - SSL3_ST_CW_FINISHED_A, SSL3_ST_CW_FINISHED_B, - s->method->ssl3_enc->client_finished_label, - s->method->ssl3_enc->client_finished_label_len); + ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A, + SSL3_ST_CW_FINISHED_B, + s->method->ssl3_enc->client_finished_label, + s->method->ssl3_enc->client_finished_label_len); if (ret <= 0) goto end; + s->s3->flags |= SSL3_FLAGS_CCS_OK; s->state = SSL3_ST_CW_FLUSH; /* clear flags */ |