Accept CCS after sending finished.

Allow CCS after finished has been sent by client: at this point
keys have been correctly set up so it is OK to accept CCS from
server. Without this renegotiation can sometimes fail.

PR#3400

(Imported from upstream's 90d94ce39ecc2fad7fb2b8eb6bde0c669a65ee81)
This commit is contained in:
Adam Langley 2014-06-20 12:00:00 -07:00
parent 956665b32b
commit a433cbdc4f

View File

@ -522,6 +522,7 @@ int ssl3_connect(SSL *s)
s->method->ssl3_enc->client_finished_label, s->method->ssl3_enc->client_finished_label,
s->method->ssl3_enc->client_finished_label_len); s->method->ssl3_enc->client_finished_label_len);
if (ret <= 0) goto end; if (ret <= 0) goto end;
s->s3->flags |= SSL3_FLAGS_CCS_OK;
s->state=SSL3_ST_CW_FLUSH; s->state=SSL3_ST_CW_FLUSH;
/* clear flags */ /* clear flags */