summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2017-03-04 16:15:03 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2017-03-04 16:15:03 +0000
commitdea28b70502ec754d33a7cf8e3229a7efba8b2b6 (patch)
treec0f229265ae9846fbdaacb0cec39cb86114b1f01 /lib
parente266f793a4b65916ea5eaf0a52d74c84b2201b30 (diff)
Call ssl3_handshake_write() instead of ssl3_do_write() - this was missed
when ssl3_send_client_certificate() was converted to the standard handshake functions in r1.150 of s3_clnt.c. This has no impact on TLS, however it causes the DTLS client to fail if the server sends a certificate request, since the TLS MAC is calculated on a non-populated DTLS header. Issue reported by umokk on github.
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/ssl_clnt.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index 223190c0a03..65939141a27 100644
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.7 2017/03/01 14:01:24 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.8 2017/03/04 16:15:02 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -2539,7 +2539,7 @@ ssl3_send_client_certificate(SSL *s)
}
/* SSL3_ST_CW_CERT_D */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+ return (ssl3_handshake_write(s));
err:
CBB_cleanup(&cbb);