Fix DTLS session ticket renewal
A DTLS client will abort a handshake if the server attempts to renew the session ticket. This is caused by a state machine discrepancy between DTLS and TLS discovered during the state machine rewrite work.

The bug can be demonstrated as follows:

Start a DTLS s_server instance:

openssl s_server -dtls

Start a client and obtain a session but no ticket:

openssl s_client -dtls -sess_out session.pem -no_ticket

Now start a client reusing the session, but allow a ticket:

openssl s_client -dtls -sess_in session.pem

The client will abort the handshake.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit ee4ffd6fccd169775ba74afb1dbfecff48ee413d)

Conflicts:
	ssl/d1_clnt.c
parent 86de216da3
commit be8b8603d6
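The three-step reproduction from the commit message, scripted end to end so it can be re-run as a regression check. This is an added example, not code from the OpenSSL commit or tree: it drives the stock s_server and s_client apps and assumes an openssl binary with DTLS support and coreutils timeout on PATH, a throwaway self-signed certificate it generates itself, and a free UDP port on 127.0.0.1 (14433 by default, overridable through the assumed DTLS_PORT variable). Both sides are pinned to DTLS 1.2 so the ticket renewal happens inside the handshake as the commit message describes. A client carrying this fix completes the resumed handshake and s_client reports "Reused"; the buggy client aborts and the script reports "FAIL".

```shell
#!/bin/sh
# Added example (not part of OpenSSL): scripted version of the commit message's
# reproduction. Assumes `openssl` (with DTLS) and `timeout` on PATH and that UDP
# port $PORT on 127.0.0.1 is free.
set -u

PORT="${DTLS_PORT:-14433}"            # assumption: an unused UDP port
WORK="$(mktemp -d)"
SERVER_PID=""

cleanup() {
    [ -n "$SERVER_PID" ] && kill "$SERVER_PID" 2>/dev/null
    exec 3>&- 2>/dev/null
    rm -rf "$WORK"
}
trap cleanup EXIT

# Throwaway self-signed RSA certificate; s_server refuses to start without one.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj /CN=localhost \
        -keyout "$WORK/key.pem" -out "$WORK/cert.pem" >/dev/null 2>&1
}

# Step 1: a DTLS 1.2 s_server with session tickets enabled (the default). Its
# stdin is a FIFO held open read/write, so it never sees EOF and keeps serving
# one client after another.
start_server() {
    mkfifo "$WORK/stdin"
    exec 3<>"$WORK/stdin"
    openssl s_server -dtls1_2 -accept "$PORT" \
        -cert "$WORK/cert.pem" -key "$WORK/key.pem" \
        <&3 >"$WORK/server.log" 2>&1 &
    SERVER_PID=$!
    sleep 1                            # let the server bind the port
}

# One s_client handshake with extra arguments; stdin at EOF closes the
# connection right after the handshake. Prints "New" or "Reused", taken from
# s_client's "New, ..."/"Reused, ..." session summary line, or "FAIL" when no
# summary line appeared (handshake aborted or timed out).
handshake() {
    out="$(timeout 20 openssl s_client -dtls1_2 -connect "127.0.0.1:$PORT" "$@" \
           </dev/null 2>/dev/null)"
    case "$out" in
        *"Reused, "*) echo Reused ;;
        *"New, "*)    echo New ;;
        *)            echo FAIL ;;
    esac
}

# Steps 2 and 3: obtain a session without a ticket, then resume it while
# allowing tickets, which makes the server renew the ticket during resumption.
run_repro() {
    make_cert && start_server || return 1
    FIRST="$(handshake -sess_out "$WORK/session.pem" -no_ticket)"
    sleep 1                            # let the server return to listening
    SECOND="$(handshake -sess_in "$WORK/session.pem")"
    echo "initial handshake: $FIRST; resumption with ticket renewal: $SECOND"
}

run_repro
```

The server log in the temporary directory is useful when the second result is "FAIL": a server that already sent NewSessionTicket while the client tore the connection down is the signature of the unfixed state machine.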
@ -366,6 +366,10 @@ int dtls1_connect(SSL *s)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
s->state = SSL3_ST_CR_FINISHED_A;
|
s->state = SSL3_ST_CR_FINISHED_A;
|
||||||
|
if (s->tlsext_ticket_expected) {
|
||||||
|
/* receive renewed session ticket */
|
||||||
|
s->state = SSL3_ST_CR_SESSION_TICKET_A;
|
||||||
|
}
|
||||||
} else
|
} else
|
||||||
s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
|
s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
|
||||||
}
|
}
|
||||||
|
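Review bot: the added block makes the new SSL3_ST_CR_SESSION_TICKET_A transition overwrite the SSL3_ST_CR_FINISHED_A assignment on the line just above it, so the hunk only reads correctly if the SSL3_ST_CR_SESSION_TICKET_A case elsewhere in dtls1_connect continues on to SSL3_ST_CR_FINISHED_A, which is not visible here; either confirm that in the commit message or make the two successor states explicit with an if/else, e.g. `if (s->tlsext_ticket_expected) s->state = SSL3_ST_CR_SESSION_TICKET_A; else s->state = SSL3_ST_CR_FINISHED_A;`, with the comment saying that the renewed ticket precedes Finished. Since the commit message records a cherry-pick conflict in ssl/d1_clnt.c, it would also help to state that the resolved hunk matches the TLS client's handling that the message cites as the reference behaviour, and to turn the manual s_server/s_client reproduction into a regression test so the DTLS and TLS paths cannot drift apart again.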