The branch master has been updated via 033c181ba690ef234812c51d4c6cb7d8dd337cb7 (commit) via 4ce787b97aa66e1b4c1d48f6ec047141408056f7 (commit) from 4b7c6385f779e92ffcd76159b03b4dac301e93e7 (commit)
- Log ----------------------------------------------------------------- commit 033c181ba690ef234812c51d4c6cb7d8dd337cb7 Author: Matt Caswell <m...@openssl.org> Date: Thu Apr 19 15:44:52 2018 +0100 Test the state of SSL_in_init() from the info_callback Check that in a handshake done event SSL_in_init() is 0 (see #4574) Reviewed-by: Rich Salz <rs...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6019) commit 4ce787b97aa66e1b4c1d48f6ec047141408056f7 Author: Matt Caswell <m...@openssl.org> Date: Thu Apr 19 15:26:28 2018 +0100 Make sure SSL_in_init() returns 0 at SSL_CB_HANDSHAKE_DONE In 1.1.0 and before calling SSL_in_init() from the info_callback at SSL_CB_HANDSHAKE_DONE would return 0. This commit fixes it so that it does again for 1.1.1. This broke Node. Fixes #4574 Reviewed-by: Rich Salz <rs...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6019) ----------------------------------------------------------------------- Summary of changes: ssl/statem/statem_lib.c | 9 +++++++-- test/sslapitest.c | 6 ++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index a17dec9..6d0778d 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1090,13 +1090,18 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop) else if (s->ctx->info_callback != NULL) cb = s->ctx->info_callback; + /* The callback may expect us to not be in init at handshake done */ + ossl_statem_set_in_init(s, 0); + if (cb != NULL) cb(s, SSL_CB_HANDSHAKE_DONE, 1); - if (!stop) + if (!stop) { + /* If we've got more work to do we go back into init */ + ossl_statem_set_in_init(s, 1); return WORK_FINISHED_CONTINUE; + } - ossl_statem_set_in_init(s, 0); return WORK_FINISHED_STOP; } diff --git a/test/sslapitest.c b/test/sslapitest.c index c4c0868..25230c8 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -4269,6 +4269,12 @@ static void sslapi_info_callback(const SSL *s, int where, int ret) info_cb_failed = 1; return; } + + /* Check that, if we've got SSL_CB_HANDSHAKE_DONE we are not in init */ + if ((where & SSL_CB_HANDSHAKE_DONE) && SSL_in_init((SSL *)s) != 0) { + info_cb_failed = 1; + return; + } } /* _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits