summaryrefslogtreecommitdiffstats
path: root/ssl/s3_srvr.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r--ssl/s3_srvr.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 17ee4da35e..697ab725bd 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -502,12 +502,15 @@ int ssl3_accept(SSL *s)
/* We need to get hashes here so if there is
* a client cert, it can be verified
+ * FIXME - digest processing for CertificateVerify
+ * should be generalized. But it is next step
*/
+
s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
+ NID_md5,
&(s->s3->tmp.cert_verify_md[0]));
s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst2),
+ NID_sha1,
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
}
break;
@@ -1026,6 +1029,7 @@ int ssl3_get_client_hello(SSL *s)
goto f_err;
}
s->s3->tmp.new_cipher=c;
+ ssl3_digest_cached_records(s);
}
else
{
@@ -1056,6 +1060,9 @@ int ssl3_get_client_hello(SSL *s)
else
#endif
s->s3->tmp.new_cipher=s->session->cipher;
+ /* Clear cached handshake records */
+ BIO_free(s->s3->handshake_buffer);
+ s->s3->handshake_buffer = NULL;
}
/* we now have the following setup.
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-13 20:01:06 +0000