diff options
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 047fa1a07d..ff13442e3b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2277,39 +2277,42 @@ int SSL_get_key_update_type(const SSL *s) return s->key_update; } -int SSL_renegotiate(SSL *s) +/* + * Can we accept a renegotiation request? If yes, set the flag and + * return 1 if yes. If not, raise error and return 0. + */ +static int can_renegotiate(const SSL *s) { if (SSL_IS_TLS13(s)) { ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); return 0; } - if ((s->options & SSL_OP_NO_RENEGOTIATION)) { + if ((s->options & SSL_OP_NO_RENEGOTIATION) != 0) { ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION); return 0; } + return 1; +} + +int SSL_renegotiate(SSL *s) +{ + if (!can_renegotiate(s)) + return 0; + s->renegotiate = 1; s->new_session = 1; - return s->method->ssl_renegotiate(s); } int SSL_renegotiate_abbreviated(SSL *s) { - if (SSL_IS_TLS13(s)) { - ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION); + if (!can_renegotiate(s)) return 0; - } - - if ((s->options & SSL_OP_NO_RENEGOTIATION)) { - ERR_raise(ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION); - return 0; - } s->renegotiate = 1; s->new_session = 0; - return s->method->ssl_renegotiate(s); } |