PR: 2144

Submitted by: steve@openssl.org Fix DTLS connection so new_session is reset if we read second client hello: new_session is used to detect renegotiation.

PR: 2144
Submitted by: steve@openssl.org Fix DTLS connection so new_session is reset if we read second client hello: new_session is used to detect renegotiation.
8d39d280 · Dr. Stephen Henson · 598b562a · 8d39d280
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

ssl/d1_srvr.c ssl/d1_srvr.c +1 -0

未找到文件。
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -292,6 +292,7 @@ int dtls1_accept(SSL *s)
 			ret = dtls1_send_hello_verify_request(s);
 			if ( ret <= 0) goto end;
 			s->state=SSL3_ST_SW_FLUSH;
+			s->new_session = 0;
 			s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;

 			/* HelloVerifyRequest resets Finished MAC */