apps/s_time: reset reused SSL with SSL_clear in doConnection

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28911)

(cherry picked from commit 6f6948b21503d0ef8bea3ea6321c40dbbf4e5c9c)
(cherry picked from commit 79e0c5a13e4c6421eeddfcc4bd01a3b06f4c6394)
(cherry picked from commit 81dcb0ef916a2aeeb15dbc0002ce49d143c709ce)
(cherry picked from commit 73c7dea574b55ccf3a94409fd81a170e11920c16)
(cherry picked from commit 13c751dd424b651513e10933f092818ba0b6445f)
(cherry picked from commit 4791829e865e0ca30f38cbb6c86d85ce6be36897)

diff --git a/apps/s_time.c b/apps/s_time.c
index b7761915626167a06949891309048e2ed45e81d2..4145473aaa794f8d99b01515be97b7757033a268 100644 (file)
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -437,6 +437,16 @@ static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx)
         }
     } else {
         serverCon = scon;
+        /*
+         * Reset the SSL object before reusing it for a new connection.
+         * This clears prior handshake and I/O state while keeping
+         * configuration inherited from the SSL_CTX.
+         */
+        if (!SSL_clear(serverCon)) {
+            ERR_print_errors(bio_err);
+            BIO_free(conn);
+            return NULL;
+        }
         SSL_set_connect_state(serverCon);
     }