Advance to the next state variant when reusing messages.

Previously, state variant was not advanced, which resulted in state
being stuck in the st1 variant (usually "_A").

This broke certificate callback retry logic when accepting connections
that were using SSLv2 ClientHello (hence reusing the message), because
their state never advanced to SSL3_ST_SR_CLNT_HELLO_C variant required
for the retry code path.

Reported by Yichun Zhang (agentzh).

Signed-off-by: Piotr Sikora <pi...@cloudflare.com>
---
 ssl/s3_both.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index beef06f..10921a2 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -358,6 +358,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt,
  goto f_err;
  }
  *ok=1;
+ s->state=stn;
  s->init_msg = s->init_buf->data + 4;
  s->init_num = (int)s->s3->tmp.message_size;
  return s->init_num;
-- 
2.1.2

Attachment: OpenSSL__Advance-to-the-next-state-variant-when-reusing-messa.patch
Description: Binary data

Reply via email to