]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4caa380)
Check for cipherspec changes after each handshake message
authorMartin Willi <martin@revosec.ch>
Fri, 30 Dec 2011 17:29:55 +0000 (18:29 +0100)
committerMartin Willi <martin@revosec.ch>
Sat, 31 Dec 2011 12:14:49 +0000 (13:14 +0100)
src/libtls/tls_fragmentation.c patch | blob | blame | history

diff --git a/src/libtls/tls_fragmentation.c b/src/libtls/tls_fragmentation.c
index 0c3da71ad7b83f6b21992bf3838adfcf6f7da49f..62e36aaec7e3a42c7e729d1fa785668067e9679a 100644 (file)
--- a/src/libtls/tls_fragmentation.c
+++ b/src/libtls/tls_fragmentation.c
@@ -325,8 +325,12 @@ static status_t build_handshake(private_tls_fragmentation_t *this)
                                msg->write_data24(msg, hs->get_buf(hs));
                                DBG2(DBG_TLS, "sending TLS %N handshake (%u bytes)",
                                         tls_handshake_type_names, type, hs->get_buf(hs).len);
-                               hs->destroy(hs);
-                               continue;
+                               if (!this->handshake->cipherspec_changed(this->handshake, FALSE))
+                               {
+                                       hs->destroy(hs);
+                                       continue;
+                               }
+                               /* FALL */
                        case INVALID_STATE:
                                this->output_type = TLS_HANDSHAKE;
                                this->output = chunk_clone(msg->get_buf(msg));
Unnamed repository; edit this file 'description' to name the repository.