Fix interaction between SSL_stateless() and SSL_clear() Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)

commit: 808d1601612626b09eb4e8a098cd1edc5d105cfa [log] [tgz]
author: Matt Caswell <matt@openssl.org> Thu Sep 28 13:23:49 2017 +0100
committer: Matt Caswell <matt@openssl.org> Wed Jan 24 18:02:36 2018 +0000
tree: 5cc78edf0b8b1eb77d2028ada12b0395395b4ad3
parent: c7b8ff2502d8f3ee3eef20bdb4d25811f329e9ae [diff] [blame]
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 29660d5..45cb9ab 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c

@@ -311,7 +311,11 @@
 
     st->in_handshake++;
     if (!SSL_in_init(s) || SSL_in_before(s)) {
-        if (!SSL_clear(s))
+        /*
+         * If we are stateless then we already called SSL_clear() - don't do
+         * it again and clear the STATELESS flag itself.
+         */
+        if ((s->s3->flags & TLS1_FLAGS_STATELESS) == 0 && !SSL_clear(s))
             return -1;
     }
 #ifndef OPENSSL_NO_SCTP
commit	808d1601612626b09eb4e8a098cd1edc5d105cfa	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Thu Sep 28 13:23:49 2017 +0100
committer	Matt Caswell <matt@openssl.org>	Wed Jan 24 18:02:36 2018 +0000
tree	5cc78edf0b8b1eb77d2028ada12b0395395b4ad3
parent	c7b8ff2502d8f3ee3eef20bdb4d25811f329e9ae [diff] [blame]