call SSL_set_connect_state() when starting client context

author Alan T. DeKok <aland@freeradius.org>

Thu, 9 Jan 2025 21:40:58 +0000 (16:40 -0500)

committer Alan T. DeKok <aland@freeradius.org>

Fri, 10 Jan 2025 14:48:21 +0000 (09:48 -0500)
author Alan T. DeKok <aland@freeradius.org>
Thu, 9 Jan 2025 21:40:58 +0000 (16:40 -0500)
committer Alan T. DeKok <aland@freeradius.org>
Fri, 10 Jan 2025 14:48:21 +0000 (09:48 -0500)
diff --git a/src/lib/tls/session.c b/src/lib/tls/session.c

index 9d540c38ee5de0856702a14c297cb2101474c771..46cbb29e338993480a73a9594200e12b5d9bd471 100644 (file)
--- a/src/lib/tls/session.c
+++ b/src/lib/tls/session.c
@@ -1692,6 +1692,14 @@ fr_tls_session_t *fr_tls_session_alloc_client(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx)
         SSL_set_msg_callback_arg(tls_session->ssl, tls_session);
         SSL_set_info_callback(tls_session->ssl, fr_tls_session_info_cb);
  
+       /*
+        *      In Client mode we only accept.
+        *
+        *      This sets up the SSL session to work correctly with
+        *      fr_tls_session_handshake.
+        */
+       SSL_set_connect_state(tls_session->ssl);
+
         /*
          *      Always verify the peer certificate.
          */
@@ -1884,7 +1892,7 @@ fr_tls_session_t *fr_tls_session_alloc_server(TALLOC_CTX *ctx, SSL_CTX *ssl_ctx,
          *      In Server mode we only accept.
          *
          *      This sets up the SSL session to work correctly with
-        *      fr_tls_session_handhsake.
+        *      fr_tls_session_handshake.
          */
         SSL_set_accept_state(tls_session->ssl);
author	Alan T. DeKok <aland@freeradius.org>
	Thu, 9 Jan 2025 21:40:58 +0000 (16:40 -0500)
committer	Alan T. DeKok <aland@freeradius.org>
	Fri, 10 Jan 2025 14:48:21 +0000 (09:48 -0500)