Disable session related stuff in SSL_ST_OK case of ssl3_accept if we

just sent a HelloRequest.
author: Bodo Möller <bodo@openssl.org> 2001-09-21 07:01:25 +0000
committer: Bodo Möller <bodo@openssl.org> 2001-09-21 07:01:25 +0000
commit: b49124f6d9b5996f681018b2b4318f0fd88add77 (patch)
tree: 83d57da8f74d893c483d3661c4b57d6d9fc6a287 /CHANGES
parent: 2260ad21fb7b3b78e162bd9fcabe6fe0ca9a7e52 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index 583b24acf1..c69a760683 100644
--- a/CHANGES
+++ b/CHANGES
@@ -30,11 +30,13 @@
 
   *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
      should end in 'break', not 'goto end' which circuments various
-     cleanups.
+     cleanups done in state SSL_ST_OK.   But session related stuff
+     must be disabled for SSL_ST_OK in the case that we just sent a
+     HelloRequest.
 
      Also avoid some overhead by not calling ssl_init_wbio_buffer()
      before just sending a HelloRequest.
-     [Bodo Moeller]
+     [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>]
 
   *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
      reveal whether illegal block cipher padding was found or a MAC
author	Bodo Möller <bodo@openssl.org>	2001-09-21 07:01:25 +0000
committer	Bodo Möller <bodo@openssl.org>	2001-09-21 07:01:25 +0000
commit	b49124f6d9b5996f681018b2b4318f0fd88add77 (patch)
tree	83d57da8f74d893c483d3661c4b57d6d9fc6a287 /CHANGES
parent	2260ad21fb7b3b78e162bd9fcabe6fe0ca9a7e52 (diff)