diff options
author | Matt Caswell <matt@openssl.org> | 2015-10-22 12:18:45 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-10-30 08:39:47 +0000 |
commit | 31fd10e60d12ae2e955de8651fa84aff016d719a (patch) | |
tree | d78fb23d8727df94c5013fc444edcbc68a3c0a3f /ssl/statem | |
parent | 91eac8d567c2717ef7bfd7a5997f8e73057ce780 (diff) |
Fix DTLSv1_listen following state machine changes
Adding the new state machine broke the DTLSv1_listen code because
calling SSL_in_before() was erroneously returning true after DTLSv1_listen
had successfully completed. This change ensures that SSL_in_before returns
false.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem.c | 14 | ||||
-rw-r--r-- | ssl/statem/statem.h | 1 |
2 files changed, 15 insertions, 0 deletions
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index f681ab4f6d..f22801987a 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -187,6 +187,20 @@ void ossl_statem_set_in_init(SSL *s, int init) s->statem.in_init = init; } +void ossl_statem_set_hello_verify_done(SSL *s) +{ + s->statem.state = MSG_FLOW_UNINITED; + s->statem.in_init = 1; + /* + * This will get reset (briefly) back to TLS_ST_BEFORE when we enter + * state_machine() because |state| is MSG_FLOW_UNINITED, but until then any + * calls to SSL_in_before() will return false. Also calls to + * SSL_state_string() and SSL_state_string_long() will return something + * sensible. + */ + s->statem.hand_state = TLS_ST_SR_CLNT_HELLO; +} + int ossl_statem_connect(SSL *s) { return state_machine(s, 0); } diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h index 4c090dc1cb..2dc603ac05 100644 --- a/ssl/statem/statem.h +++ b/ssl/statem/statem.h @@ -161,6 +161,7 @@ void ossl_statem_set_renegotiate(SSL *s); void ossl_statem_set_error(SSL *s); int ossl_statem_in_error(const SSL *s); void ossl_statem_set_in_init(SSL *s, int init); +void ossl_statem_set_hello_verify_done(SSL *s); __owur int ossl_statem_app_data_allowed(SSL *s); #ifndef OPENSSL_NO_SCTP void ossl_statem_set_sctp_read_sock(SSL *s, int read_sock); |