diff options
author | Matt Caswell <matt@openssl.org> | 2017-11-08 11:37:12 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-12-14 15:06:37 +0000 |
commit | 4d02f8706381bf2bd002951daef9b26d9ed85968 (patch) | |
tree | 789bd07bc5e998878929382c83e361f229b188b8 /ssl/statem/statem_clnt.c | |
parent | fa9f9350f3d22168ebc53b72ad042b714e4cb691 (diff) |
Send a CCS from the client in a non-early_data handshake
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
Diffstat (limited to 'ssl/statem/statem_clnt.c')
-rw-r--r-- | ssl/statem/statem_clnt.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 99ebe22512..91fb13d805 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -395,6 +395,9 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY || s->early_data_state == SSL_EARLY_DATA_FINISHED_WRITING) st->hand_state = TLS_ST_PENDING_EARLY_DATA_END; + else if ((s->options & SSL_OP_ENABLE_MIDDLEBOX_COMPAT) != 0 + && !s->hello_retry_request) + st->hand_state = TLS_ST_CW_CHANGE; else st->hand_state = (s->s3->tmp.cert_req != 0) ? TLS_ST_CW_CERT : TLS_ST_CW_FINISHED; @@ -408,6 +411,7 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) /* Fall through */ case TLS_ST_CW_END_OF_EARLY_DATA: + case TLS_ST_CW_CHANGE: st->hand_state = (s->s3->tmp.cert_req != 0) ? TLS_ST_CW_CERT : TLS_ST_CW_FINISHED; return WRITE_TRAN_CONTINUE; @@ -717,6 +721,8 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst) break; case TLS_ST_CW_CHANGE: + if (SSL_IS_TLS13(s)) + break; s->session->cipher = s->s3->tmp.new_cipher; #ifdef OPENSSL_NO_COMP s->session->compress_meth = 0; |