diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2002-02-26 21:40:09 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2002-02-26 21:40:09 +0000 |
commit | 334f1842fc61801398d88b006ab36c632f5e6f6c (patch) | |
tree | 401374ab76dda3ebd0714b561482c7d1756c6c98 /ssl | |
parent | b12540520daea56e5a6c2ee22092b0ee2f060e44 (diff) | |
download | openssl-334f1842fc61801398d88b006ab36c632f5e6f6c.tar.gz |
Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_lib.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1195171a57..2b60d7288f 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -136,7 +136,6 @@ OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={ int SSL_clear(SSL *s) { - int state; if (s->method == NULL) { @@ -161,9 +160,14 @@ int SSL_clear(SSL *s) } #endif - state=s->state; /* Keep to check if we throw away the session-id */ s->type=0; + if (ssl_clear_bad_session(s)) + { + SSL_SESSION_free(s->session); + s->session=NULL; + } + s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT); s->version=s->method->version; @@ -182,12 +186,6 @@ int SSL_clear(SSL *s) ssl_clear_cipher_ctx(s); - if (ssl_clear_bad_session(s)) - { - SSL_SESSION_free(s->session); - s->session=NULL; - } - s->first_packet=0; #if 1 |