apps/s_time: reset reused SSL with SSL_clear in doConnection

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28911)

(cherry picked from commit 6f6948b21503d0ef8bea3ea6321c40dbbf4e5c9c)
(cherry picked from commit 79e0c5a13e4c6421eeddfcc4bd01a3b06f4c6394)
(cherry picked from commit 81dcb0ef916a2aeeb15dbc0002ce49d143c709ce)
(cherry picked from commit 73c7dea574b55ccf3a94409fd81a170e11920c16)
(cherry picked from commit 13c751dd424b651513e10933f092818ba0b6445f)

diff --git a/apps/s_time.c b/apps/s_time.c
index 9ef53d4671557f2ed6d630e99ff3940466c14a2e..f896da8ade73d93d505df6db25768767eb367281 100644 (file)
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -436,6 +436,16 @@ static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx)
         }
     } else {
         serverCon = scon;
+        /*
+         * Reset the SSL object before reusing it for a new connection.
+         * This clears prior handshake and I/O state while keeping
+         * configuration inherited from the SSL_CTX.
+         */
+        if (!SSL_clear(serverCon)) {
+            ERR_print_errors(bio_err);
+            BIO_free(conn);
+            return NULL;
+        }
         SSL_set_connect_state(serverCon);
     }