X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fd1_srvr.c;fp=ssl%2Fd1_srvr.c;h=22dbbfe3d3121fc5df87764a1e53e78cea160f14;hb=e27f234a4147a7bd621d2a439c2cc2cc9a6a8382;hp=e32c4c10137217c0e7704d38e655aea6949b3e2d;hpb=4e3458a565da5bccf30fe598e87ad7da1ee9daa7;p=openssl.git

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index e32c4c1013..22dbbfe3d3 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -317,7 +317,8 @@ int dtls1_accept(SSL *s)
                 goto end;
             dtls1_stop_timer(s);
 
-            if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
+            if (!s->d1->cookie_verified
+                    && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
                 s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
             else
                 s->state = SSL3_ST_SW_SRVR_HELLO_A;
@@ -599,7 +600,7 @@ int dtls1_accept(SSL *s)
             s->state = SSL3_ST_SR_CERT_VRFY_A;
             s->init_num = 0;
 
-            if (ret == 2) {
+            if (s->no_cert_verify) {
                 /*
                  * For the ECDH ciphersuites when the client sends its ECDH
                  * pub key in a certificate, the CertificateVerify message is