mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 09:13:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove session checks from SSL_clear()

Browse Source 
We now allow a different protocol version when reusing a session so we can
unconditionally reset the SSL_METHOD if it has changed.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3954)
This commit is contained in:
Matt Caswell 2017-07-18 16:28:38 +01:00
parent e11b6aa4c9
commit 242525372c
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ssl/ssl_lib.c
View File

@ -566,12 +566,9 @@ int SSL_clear(SSL *s)
/*
* Check to see if we were changed into a different method, if so, revert
* back. We always do this in TLSv1.3. Below that we only do it if we are
* not doing session-id reuse.
* back.
*/
if (s->method != s->ctx->method
&& (SSL_IS_TLS13(s)
|| (!ossl_statem_get_in_handshake(s) && s->session == NULL))) {
if (s->method != s->ctx->method) {
s->method->ssl_free(s);
s->method = s->ctx->method;
if (!s->method->ssl_new(s))