Set first_packet for TLS clients

Version negotiation was broken (one of the late changes in the review process broke it). The problem is that TLS clients do not set first_packet, whereas TLS/DTLS servers and DTLS clients do. The simple fix is to set first_packet for TLS clients too. Reviewed-by: N Kurt Roeckx <kurt@openssl.org>

Set first_packet for TLS clients
Version negotiation was broken (one of the late changes in the review process broke it). The problem is that TLS clients do not set first_packet, whereas TLS/DTLS servers and DTLS clients do. The simple fix is to set first_packet for TLS clients too. Reviewed-by: N Kurt Roeckx <kurt@openssl.org>
81fc390f · Matt Caswell · 69567687 · 81fc390f
隐藏空白更改
内联并排

Showing with 2 addition and 3 deletion

ssl/s3_clnt.c ssl/s3_clnt.c +2 -3

未找到文件。
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -947,8 +947,7 @@ int ssl3_get_server_hello(SSL *s)
     * Hello verify request and/or server hello version may not match so set
     * first packet if we're negotiating version.
     */
-    if (SSL_IS_DTLS(s))
-        s->first_packet = 1;
+    s->first_packet = 1;

    n = s->method->ssl_get_message(s,
                                   SSL3_ST_CR_SRVR_HELLO_A,
@@ -957,8 +956,8 @@ int ssl3_get_server_hello(SSL *s)
    if (!ok)
        return ((int)n);

+    s->first_packet = 0;
    if (SSL_IS_DTLS(s)) {
-        s->first_packet = 0;
        if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
            if (s->d1->send_cookie == 0) {
                s->s3->tmp.reuse_message = 1;