Permalink
Browse files

tls: workaround handshakedone in renegotiation

`SSL_CB_HANDSHAKE_START` and `SSL_CB_HANDSHAKE_DONE` are called
sending HelloRequest in OpenSSL-1.1.1.
We need to check whether this is in a renegotiation state or not.

PR-URL: #25381
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Backport-PR-URL: #25688
  • Loading branch information...
shigeki authored and targos committed Sep 12, 2018
1 parent c34c569 commit 6e80f6d9a16dd1e33366f8707203abbdfc79f081
Showing with 4 additions and 1 deletion.
  1. +4 −1 src/tls_wrap.cc
@@ -221,7 +221,10 @@ void TLSWrap::SSLInfoCallback(const SSL* ssl_, int where, int ret) {
}
}

if (where & SSL_CB_HANDSHAKE_DONE) {
// SSL_CB_HANDSHAKE_START and SSL_CB_HANDSHAKE_DONE are called
// sending HelloRequest in OpenSSL-1.1.1.
// We need to check whether this is in a renegotiation state or not.
if (where & SSL_CB_HANDSHAKE_DONE && !SSL_renegotiate_pending(ssl)) {
Local<Value> callback;

c->established_ = true;

0 comments on commit 6e80f6d

Please sign in to comment.