BoringSSL: Fix session resumption BoringSSL commit 533ef7304d9b48aad38805f1997031a0a034d7fe ('Remove SSL_clear calls in handshake functions.') triggered a regression for EAP-TLS/TTLS/PEAP session resumption in wpa_supplicant due to the removed SSL_clear() call in ssl3_connect() going away and wpa_supplicant not calling SSL_clear() after SSL_shutdown(). Fix this by adding the SSL_clear() call into wpa_supplicant after SSL_shutdown() when preparing the ssl instance for another connection. While OpenSSL is still call SSL_clear() in ssl3_connect(), it looks to be safe to add this call to wpa_supplicant unconditionally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

commit: f291c682d490cef0b520b68e694a2bf97126b441 [log] [tgz]
author: Jouni Malinen <jouni@qca.qualcomm.com> Mon Aug 17 22:50:41 2015 +0300
committer: Dmitry Shmidt <dimitrysh@google.com> Mon Aug 17 17:26:19 2015 -0700
tree: fb664b399c76bec852f5cff52564c8484accf126
parent: daa60e5cc09fc4ad1a7c1b914d04e741e0052556 [diff]
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 2250e6e..db2d73e 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c

@@ -1149,7 +1149,7 @@
 	 * and "close notify" shutdown alert would confuse AS. */
 	SSL_set_quiet_shutdown(conn->ssl, 1);
 	SSL_shutdown(conn->ssl);
-	return 0;
+	return SSL_clear(conn->ssl) == 1 ? 0 : -1;
 }
commit	f291c682d490cef0b520b68e694a2bf97126b441	[log] [tgz]
author	Jouni Malinen <jouni@qca.qualcomm.com>	Mon Aug 17 22:50:41 2015 +0300
committer	Dmitry Shmidt <dimitrysh@google.com>	Mon Aug 17 17:26:19 2015 -0700
tree	fb664b399c76bec852f5cff52564c8484accf126
parent	daa60e5cc09fc4ad1a7c1b914d04e741e0052556 [diff]