Fix interaction between SSL_stateless() and SSL_clear()

Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)
author: Matt Caswell <matt@openssl.org> 2017-09-28 13:23:49 +0100
committer: Matt Caswell <matt@openssl.org> 2018-01-24 18:02:36 +0000
commit: 808d1601612626b09eb4e8a098cd1edc5d105cfa (patch)
tree: 5cc78edf0b8b1eb77d2028ada12b0395395b4ad3 /ssl/statem/statem.c
parent: c7b8ff2502d8f3ee3eef20bdb4d25811f329e9ae (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 29660d59c4..45cb9ab092 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -311,7 +311,11 @@ static int state_machine(SSL *s, int server)
 
     st->in_handshake++;
     if (!SSL_in_init(s) || SSL_in_before(s)) {
-        if (!SSL_clear(s))
+        /*
+         * If we are stateless then we already called SSL_clear() - don't do
+         * it again and clear the STATELESS flag itself.
+         */
+        if ((s->s3->flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear(s))
             return -1;
     }
 #ifndef OPENSSL_NO_SCTP
author	Matt Caswell <matt@openssl.org>	2017-09-28 13:23:49 +0100
committer	Matt Caswell <matt@openssl.org>	2018-01-24 18:02:36 +0000
commit	808d1601612626b09eb4e8a098cd1edc5d105cfa (patch)
tree	5cc78edf0b8b1eb77d2028ada12b0395395b4ad3 /ssl/statem/statem.c
parent	c7b8ff2502d8f3ee3eef20bdb4d25811f329e9ae (diff)