1
From 9beb75d3c4ce9a93ba07951e8595c09f07496ba8 Mon Sep 17 00:00:00 2001
2
From: "Dr. Stephen Henson" <steve@openssl.org>
3
Date: Sat, 14 Jun 2014 22:24:08 +0100
4
Subject: [PATCH] Accept CCS after sending finished.
6
Allow CCS after finished has been sent by client: at this point
7
keys have been correctly set up so it is OK to accept CCS from
8
server. Without this renegotiation can sometimes fail.
11
(cherry picked from commit 99cd6a91fcb0931feaebbb4832681d40a66fad41)
14
1 file changed, 1 insertion(+)
16
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
17
index 167bfc6..2afb892 100644
20
@@ -510,6 +510,7 @@ int ssl3_connect(SSL *s)
21
s->method->ssl3_enc->client_finished_label,
22
s->method->ssl3_enc->client_finished_label_len);
23
if (ret <= 0) goto end;
24
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
25
s->state=SSL3_ST_CW_FLUSH;