diff options
author | Matt Caswell <matt@openssl.org> | 2015-10-22 12:18:45 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-10-30 08:39:47 +0000 |
commit | 31fd10e60d12ae2e955de8651fa84aff016d719a (patch) | |
tree | d78fb23d8727df94c5013fc444edcbc68a3c0a3f /ssl/d1_lib.c | |
parent | 91eac8d567c2717ef7bfd7a5997f8e73057ce780 (diff) | |
download | openssl-31fd10e60d12ae2e955de8651fa84aff016d719a.zip openssl-31fd10e60d12ae2e955de8651fa84aff016d719a.tar.gz openssl-31fd10e60d12ae2e955de8651fa84aff016d719a.tar.bz2 |
Fix DTLSv1_listen following state machine changes
Adding the new state machine broke the DTLSv1_listen code because
calling SSL_in_before() was erroneously returning true after DTLSv1_listen
had successfully completed. This change ensures that SSL_in_before returns
false.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/d1_lib.c')
-rw-r--r-- | ssl/d1_lib.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 087d6d2..a6f0632 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -872,8 +872,11 @@ int dtls1_listen(SSL *s, struct sockaddr *client) */ SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); - /* Put us into the "init" state so that we don't get our state cleared */ - ossl_statem_set_in_init(s, 1); + /* + * Tell the state machine that we've done the initial hello verify + * exchange + */ + ossl_statem_set_hello_verify_done(s); if(BIO_dgram_get_peer(rbio, client) <= 0) { SSLerr(SSL_F_DTLS1_LISTEN, ERR_R_INTERNAL_ERROR); |