From 145dfcbfc275ffea1ce84264475dcf1e4a2be5ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Feb 2014 14:23:33 +0100 Subject: [PATCH] Fix bug with NewSessionTicket and non-blocking I/O --- ChangeLog | 2 ++ library/ssl_srv.c | 9 ++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index f2c42eed0..39d0c6bed 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,8 @@ Bugfix * Fixed bug in ssl_cache: when max_entries = 0 and TIMING_C is enabled, entries would still be created. * Fixed bug in m_sleep: whould sleep twice too long on most Unix platforms. + * Fixed bug with session tickets and non-blocking I/O in the unlikely case + send() would return an EAGAIN error when sending the ticket. = PolarSSL 1.3.4 released on 2014-01-27 Features diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 7048f4dd5..99f72564f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3003,15 +3003,18 @@ static int ssl_write_new_session_ticket( ssl_context *ssl ) ssl->out_msglen = 10 + tlen; + /* + * Morally equivalent to updating ssl->state, but NewSessionTicket and + * ChangeCipherSpec share the same state. + */ + ssl->handshake->new_session_ticket = 0; + if( ( ret = ssl_write_record( ssl ) ) != 0 ) { SSL_DEBUG_RET( 1, "ssl_write_record", ret ); return( ret ); } - /* No need to remember writing a NewSessionTicket any more */ - ssl->handshake->new_session_ticket = 0; - SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) ); return( 0 );