PR: 2144

Submitted by: steve@openssl.org Fix DTLS connection so new_session is reset if we read second client hello: new_session is used to detect renegotiation.
author: Dr. Stephen Henson <steve@openssl.org> 2010-01-16 19:45:59 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2010-01-16 19:45:59 +0000
commit: ddba003d5e7b55a2da40f1e66a132c040d32b78a (patch)
tree: f606c0be17a64306237d393920caf833749ab0c4 /ssl/d1_srvr.c
parent: e59d9a34c9ffc3876dac7644e61be9fe9a65c365 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index fb64d49166..f79efe53b7 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -292,6 +292,7 @@ int dtls1_accept(SSL *s)
 			ret = dtls1_send_hello_verify_request(s);
 			if ( ret <= 0) goto end;
 			s->state=SSL3_ST_SW_FLUSH;
+			s->new_session = 0;
 			s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
 
 			/* HelloVerifyRequest resets Finished MAC */
author	Dr. Stephen Henson <steve@openssl.org>	2010-01-16 19:45:59 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2010-01-16 19:45:59 +0000
commit	ddba003d5e7b55a2da40f1e66a132c040d32b78a (patch)
tree	f606c0be17a64306237d393920caf833749ab0c4 /ssl/d1_srvr.c
parent	e59d9a34c9ffc3876dac7644e61be9fe9a65c365 (diff)