diff options
| author | Bodo Möller <bodo@openssl.org> | 2001-09-21 07:01:25 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2001-09-21 07:01:25 +0000 |
| commit | b49124f6d9b5996f681018b2b4318f0fd88add77 (patch) | |
| tree | 83d57da8f74d893c483d3661c4b57d6d9fc6a287 /ssl | |
| parent | 2260ad21fb7b3b78e162bd9fcabe6fe0ca9a7e52 (diff) | |
Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
just sent a HelloRequest.
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_srvr.c | 33 | ||||
| -rw-r--r-- | ssl/ssl.h | 3 |
2 files changed, 18 insertions, 18 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index eb5c27928b..304f217b04 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -170,6 +170,7 @@ int ssl3_accept(SSL *s) long num1; int ret= -1; int new_state,state,skip=0; + int got_new_session=0; RAND_add(&Time,sizeof(Time),0); ERR_clear_error(); @@ -282,6 +283,7 @@ int ssl3_accept(SSL *s) s->shutdown=0; ret=ssl3_get_client_hello(s); if (ret <= 0) goto end; + got_new_session=1; s->state=SSL3_ST_SW_SRVR_HELLO_A; s->init_num=0; break; @@ -522,20 +524,24 @@ int ssl3_accept(SSL *s) /* remove buffering on output */ ssl_free_wbio_buffer(s); - if (s->new_session == 2) - s->new_session=0; - /* if s->new_session is still 1, we have only sent a HelloRequest */ s->init_num=0; - ssl_update_cache(s,SSL_SESS_CACHE_SERVER); - - s->ctx->stats.sess_accept_good++; - /* s->server=1; */ - s->handshake_func=ssl3_accept; - ret=1; - - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + if (got_new_session) /* skipped if we just sent a HelloRequest */ + { + /* actually not necessarily a 'new' session unless + * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ + + s->new_session=0; + + ssl_update_cache(s,SSL_SESS_CACHE_SERVER); + + s->ctx->stats.sess_accept_good++; + /* s->server=1; */ + s->handshake_func=ssl3_accept; + if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); + } + goto end; /* break; */ @@ -702,11 +708,6 @@ static int ssl3_get_client_hello(SSL *s) } } - if (s->new_session) - /* actually not necessarily a 'new' section unless - * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ - s->new_session = 2; - p+=j; n2s(p,i); if ((i == 0) && (j != 0)) @@ -643,8 +643,7 @@ struct ssl_st int server; /* are we the server side? - mostly used by SSL_clear*/ - int new_session;/* 1 if we are to use a new session, - * (sometimes 2 after a new session has in fact been assigned). + int new_session;/* 1 if we are to use a new session. * NB: For servers, the 'new' session may actually be a previously * cached session or even the previous session unless * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ |