authorMatt Caswell <matt@openssl.org>2015-12-04 10:18:01 +0000
committerMatt Caswell <matt@openssl.org>2015-12-04 20:26:54 +0000
commitad3819c29ed91ee31ebc806939e6104970694811 (patch)
tree2cb36f7899554a143f9f98f6075914f40dec9bb2 /ssl
parent1c86d8fd41458d35736ef5b04d7a76cbcf1a274c (diff)
Fix EAP FAST in the new state machine
The new state machine code missed an allowed transition when resuming a session via EAP FAST. This commit adds the missing check for the transition. Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r--ssl/statem/statem_clnt.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 527101b126..b49f4984b3 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -283,6 +283,19 @@ int ossl_statem_client_read_transition(SSL *s, int mt)
if (SSL_IS_DTLS(s) && mt == DTLS1_MT_HELLO_VERIFY_REQUEST) {
st->hand_state = DTLS_ST_CR_HELLO_VERIFY_REQUEST;
return 1;
+ } else if (s->version >= TLS1_VERSION
+ && s->tls_session_secret_cb != NULL
+ && s->session->tlsext_tick != NULL
+ && mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
+ /*
+ * Normally, we can tell if the server is resuming the session
+ * from the session ID. EAP-FAST (RFC 4851), however, relies on
+ * the next server message after the ServerHello to determine if
+ * the server is resuming.
+ */
+ s->hit = 1;
+ st->hand_state = TLS_ST_CR_CHANGE;
+ return 1;
} else if (!(s->s3->tmp.new_cipher->algorithm_auth
& (SSL_aNULL | SSL_aSRP | SSL_aPSK))) {
if (mt == SSL3_MT_CERTIFICATE) {
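Review bot: The new `else if` branch accepts a ChangeCipherSpec directly after the ServerHello and sets `s->hit = 1` based only on a callback being registered and a ticket being present; nothing visible in the hunk confirms that `tls_session_secret_cb` actually supplied a master secret for this handshake. If ServerHello processing guarantees that (not shown here; the function body starts and continues outside the hunk), the comment should say so, for example by adding `* The session secret callback must already have supplied the master secret while the ServerHello was processed; otherwise a CCS must not be accepted here.` Because this path skips the Certificate and key-exchange messages, stating the precondition helps a later maintainer avoid loosening the condition. The read of `s->session->tlsext_tick` also assumes `s->session` is non-NULL in this state, which presumably holds after a ServerHello but is worth confirming.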