bugfix: handle HelloRequest received during handshake correctly

author: Bodo Möller <bodo@openssl.org> 2001-09-21 11:19:26 +0000
committer: Bodo Möller <bodo@openssl.org> 2001-09-21 11:19:26 +0000
commit: 029dfa64d466a594f787bbfc30b958d6282fd3d6 (patch)
tree: 9cc3dc384a779239b5a57039854d8d3a0b403c2c
parent: f8845509b6592575589e91a510b557795ec49298 (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 3909697e95..8ae782e1f6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
 
+  *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
+     client receives HelloRequest while in a handshake.
+     [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>]
+
   *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
      should end in 'break', not 'goto end' which circuments various
      cleanups done in state SSL_ST_OK.   But session related stuff
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 10d8d3b15a..f1f9c6ce7a 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -383,7 +383,11 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 					 * if their format is correct. Does not count for
 					 * 'Finished' MAC. */
 					if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
+						{
+						s->init_num = 0;
 						skip_message = 1;
+						}
+			
 			}
 		while (skip_message);
author	Bodo Möller <bodo@openssl.org>	2001-09-21 11:19:26 +0000
committer	Bodo Möller <bodo@openssl.org>	2001-09-21 11:19:26 +0000
commit	029dfa64d466a594f787bbfc30b958d6282fd3d6 (patch)
tree	9cc3dc384a779239b5a57039854d8d3a0b403c2c
parent	f8845509b6592575589e91a510b557795ec49298 (diff)