Check for cipherspec changes after each handshake message
authorMartin Willi <martin@revosec.ch>
Fri, 30 Dec 2011 17:29:55 +0000 (18:29 +0100)
committerMartin Willi <martin@revosec.ch>
Sat, 31 Dec 2011 12:14:49 +0000 (13:14 +0100)
src/libtls/tls_fragmentation.c

index 0c3da71..62e36aa 100644 (file)
@@ -325,8 +325,12 @@ static status_t build_handshake(private_tls_fragmentation_t *this)
                                msg->write_data24(msg, hs->get_buf(hs));
                                DBG2(DBG_TLS, "sending TLS %N handshake (%u bytes)",
                                         tls_handshake_type_names, type, hs->get_buf(hs).len);
-                               hs->destroy(hs);
-                               continue;
+                               if (!this->handshake->cipherspec_changed(this->handshake, FALSE))
+                               {
+                                       hs->destroy(hs);
+                                       continue;
+                               }
+                               /* FALL */
                        case INVALID_STATE:
                                this->output_type = TLS_HANDSHAKE;
                                this->output = chunk_clone(msg->get_buf(msg));