apps/s_time: reset reused SSL with SSL_clear in doConnection

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28911)

diff --git a/apps/s_time.c b/apps/s_time.c
index 598e1069ed05e7d8a6c432ab2ac7671833a5af6b..19d68ad2a8999ce5fe07c665c637a15876f69eb6 100644 (file)
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -435,6 +435,16 @@ static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx)
         }
     } else {
         serverCon = scon;
+        /*
+         * Reset the SSL object before reusing it for a new connection.
+         * This clears prior handshake and I/O state while keeping
+         * configuration inherited from the SSL_CTX.
+         */
+        if (!SSL_clear(serverCon)) {
+            ERR_print_errors(bio_err);
+            BIO_free(conn);
+            return NULL;
+        }
         SSL_set_connect_state(serverCon);
     }