Don't forget we are doing QUIC if we clear the QUIC TLS data

We should retain the TLS1_FLAGS_QUIC setting in in s3.flags even after a
"clear" operation.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 10cff08eaeffbf95d891dc2ec76c290e157319f0..ae97e394203572efa9548ffa8cc0103d4fb25253 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3380,6 +3380,7 @@ void ssl3_free(SSL *s)
 int ssl3_clear(SSL *s)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
+    int flags;
 
     if (sc == NULL)
         return 0;
@@ -3401,8 +3402,13 @@ int ssl3_clear(SSL *s)
     OPENSSL_free(sc->s3.alpn_selected);
     OPENSSL_free(sc->s3.alpn_proposed);
 
-    /* NULL/zero-out everything in the s3 struct */
+    /*
+     * NULL/zero-out everything in the s3 struct, but remember if we are doing
+     * QUIC.
+     */
+    flags = sc->s3.flags & TLS1_FLAGS_QUIC;
     memset(&sc->s3, 0, sizeof(sc->s3));
+    sc->s3.flags |= flags;
 
     if (!ssl_free_wbio_buffer(sc))
         return 0;