Fix DTLS session resumption

The session object on the client side is initially created during construction of the ClientHello. If the client is DTLS1.2 capable then it will store 1.2 as the version for the session. However if the server is only DTLS1.0 capable then when the ServerHello comes back the client switches to using DTLS1.0 from then on. However the session version does not get updated. Therefore when the client attempts to resume that session the server throws an alert because of an incorrect protocol version. Reviewed-by: N Tim Hudson <tjh@openssl.org>

Fix DTLS session resumption
The session object on the client side is initially created during construction of the ClientHello. If the client is DTLS1.2 capable then it will store 1.2 as the version for the session. However if the server is only DTLS1.0 capable then when the ServerHello comes back the client switches to using DTLS1.0 from then on. However the session version does not get updated. Therefore when the client attempts to resume that session the server throws an alert because of an incorrect protocol version. Reviewed-by: N Tim Hudson <tjh@openssl.org>
7322abf5 · Matt Caswell · 97cacc53 · 7322abf5
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

ssl/s3_clnt.c ssl/s3_clnt.c +1 -1

未找到文件。
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1036,7 +1036,7 @@ int ssl3_get_server_hello(SSL *s)
            al = SSL_AD_PROTOCOL_VERSION;
            goto f_err;
        }
-        s->version = s->method->version;
+        s->session->ssl_version = s->version = s->method->version;
    } else if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
        s->version = (s->version & 0xff00) | p[1];