Make sure SSL_in_init() returns 0 at SSL_CB_HANDSHAKE_DONE

In 1.1.0 and before calling SSL_in_init() from the info_callback at SSL_CB_HANDSHAKE_DONE would return 0. This commit fixes it so that it does again for 1.1.1. This broke Node. Fixes #4574 Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6019)

Make sure SSL_in_init() returns 0 at SSL_CB_HANDSHAKE_DONE
In 1.1.0 and before calling SSL_in_init() from the info_callback at SSL_CB_HANDSHAKE_DONE would return 0. This commit fixes it so that it does again for 1.1.1. This broke Node. Fixes #4574 Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6019)
4ce787b9 · Matt Caswell · 4b7c6385 · 4ce787b9
隐藏空白更改
内联并排

Showing with 7 addition and 2 deletion

ssl/statem/statem_lib.c ssl/statem/statem_lib.c +7 -2

未找到文件。
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1090,13 +1090,18 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop)
    else if (s->ctx->info_callback != NULL)
        cb = s->ctx->info_callback;
+    /* The callback may expect us to not be in init at handshake done */
+    ossl_statem_set_in_init(s, 0);
    if (cb != NULL)
        cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-    if (!stop)
+    if (!stop) {
+        /* If we've got more work to do we go back into init */
+        ossl_statem_set_in_init(s, 1);
        return WORK_FINISHED_CONTINUE;
+    }
-    ossl_statem_set_in_init(s, 0);
    return WORK_FINISHED_STOP;
 }