author: jsing <jsing@openbsd.org> 2019-02-28 17:56:43 +0000
committer: jsing <jsing@openbsd.org> 2019-02-28 17:56:43 +0000
commit: 89433ab512e26e76d53952f1a8b5f8620b4fb87b
tree: fb306cede5aa8c0ec3e3f44e736431b9a0df0f33 /lib/libssl/tls13_handshake.c
parent: Set the SSL state as part of tls13_legacy_connect().
Automatically complete the handshake from tls13_legacy_{read,write}_bytes()

If the TLS handshake has not been completed, automatically complete the handshake as part of the read/write call, implementing the current SSL_read()/SSL_write() behaviour.

Once the TLS handshake is completed we push a WANT_POLLIN or WANT_POLLOUT back up to the caller, since some applications appear to incorrectly call SSL_read() or SSL_write(), rather than repeating the previous call. This can lead to attempts to read data that does not exist, since the WANT_POLLIN was actually triggered as part of the handshake.

ok inoguchi@ tb@

Diffstat (limited to 'lib/libssl/tls13_handshake.c')
-rw-r--r-- lib/libssl/tls13_handshake.c 3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c
index d4fc7cb6f79..536630ac33c 100644
--- a/lib/libssl/tls13_handshake.c
+++ b/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.30 2019/02/28 17:39:36 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.31 2019/02/28 17:56:43 jsing Exp $ */
/*
* Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -282,6 +282,7 @@ tls13_handshake_perform(struct tls13_ctx *ctx)
return TLS13_IO_FAILURE;
if (action->handshake_complete) {
+ ctx->handshake_completed = 1;
tls13_record_layer_handshake_completed(ctx->rl);
return TLS13_IO_SUCCESS;
}
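Review bot: In the `if (action->handshake_complete)` branch, `ctx->handshake_completed = 1;` is set but this hunk shows neither where the field is initialised nor where it is ever cleared. Since the commit message says the read/write paths use this state to decide whether to run the handshake first, please confirm the context is zeroed on allocation and that any path which restarts a handshake on the same `ctx` resets the flag; otherwise a stale 1 would let a read or write skip the handshake step. The record layer is also told about completion on the next line via `tls13_record_layer_handshake_completed(ctx->rl)`, so there are now two copies of the same fact; a one-line comment on the field saying who reads it and that it must stay in step with the record layer's state would help future changes keep them consistent.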