From: Matt Caswell <matt@openssl.org>
Date: Tue, 8 Aug 2023 10:23:39 +0000 (+0100)
Subject: Don't forget we are doing QUIC if we clear the QUIC TLS data
X-Git-Tag: openssl-3.2.0-alpha1~215
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0f2add9e8d4c1dc09848ea12aaad2eb4c5358bf2;p=thirdparty%2Fopenssl.git

Don't forget we are doing QUIC if we clear the QUIC TLS data

We should retain the TLS1_FLAGS_QUIC setting in in s3.flags even after a
"clear" operation.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
---

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 10cff08eaef..ae97e394203 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3380,6 +3380,7 @@ void ssl3_free(SSL *s)
 int ssl3_clear(SSL *s)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
+    int flags;
 
     if (sc == NULL)
         return 0;
@@ -3401,8 +3402,13 @@ int ssl3_clear(SSL *s)
     OPENSSL_free(sc->s3.alpn_selected);
     OPENSSL_free(sc->s3.alpn_proposed);
 
-    /* NULL/zero-out everything in the s3 struct */
+    /*
+     * NULL/zero-out everything in the s3 struct, but remember if we are doing
+     * QUIC.
+     */
+    flags = sc->s3.flags & TLS1_FLAGS_QUIC;
     memset(&sc->s3, 0, sizeof(sc->s3));
+    sc->s3.flags |= flags;
 
     if (!ssl_free_wbio_buffer(sc))
         return 0;