Check for cipherspec changes after each handshake message

author Martin Willi <martin@revosec.ch>

Fri, 30 Dec 2011 17:29:55 +0000 (18:29 +0100)

committer Martin Willi <martin@revosec.ch>

Sat, 31 Dec 2011 12:14:49 +0000 (13:14 +0100)
author Martin Willi <martin@revosec.ch>
Fri, 30 Dec 2011 17:29:55 +0000 (18:29 +0100)
committer Martin Willi <martin@revosec.ch>
Sat, 31 Dec 2011 12:14:49 +0000 (13:14 +0100)
diff --git a/src/libtls/tls_fragmentation.c b/src/libtls/tls_fragmentation.c

index 0c3da71..62e36aa 100644 (file)
--- a/src/libtls/tls_fragmentation.c
+++ b/src/libtls/tls_fragmentation.c
@@ -325,8 +325,12 @@ static status_t build_handshake(private_tls_fragmentation_t *this)
                                 msg->write_data24(msg, hs->get_buf(hs));
                                 DBG2(DBG_TLS, "sending TLS %N handshake (%u bytes)",
                                          tls_handshake_type_names, type, hs->get_buf(hs).len);
-                               hs->destroy(hs);
-                               continue;
+                               if (!this->handshake->cipherspec_changed(this->handshake, FALSE))
+                               {
+                                       hs->destroy(hs);
+                                       continue;
+                               }
+                               /* FALL */
                         case INVALID_STATE:
                                 this->output_type = TLS_HANDSHAKE;
                                 this->output = chunk_clone(msg->get_buf(msg));
author	Martin Willi <martin@revosec.ch>
	Fri, 30 Dec 2011 17:29:55 +0000 (18:29 +0100)
committer	Martin Willi <martin@revosec.ch>
	Sat, 31 Dec 2011 12:14:49 +0000 (13:14 +0100)