+ if(recvd_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+ /* This isn't a real handshake message - its a CCS.
+ * There is no message sequence number in a CCS to give us confidence
+ * that this was really intended to be at this point in the handshake
+ * sequence. Therefore we only allow this if we were explicitly looking
+ * for it (i.e. if |mt| is -1 we still don't allow it).
+ */
+ if(mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
+ if (wire[0] != SSL3_MT_CCS) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+ goto f_err;
+ }
+
+ memcpy(s->init_buf->data, wire, i);
+ s->init_num = i - 1;
+ s->init_msg = s->init_buf->data + 1;
+ s->s3->tmp.message_type = SSL3_MT_CHANGE_CIPHER_SPEC;
+ s->s3->tmp.message_size = i - 1;
+ s->state = stn;
+ *ok = 1;
+ return i-1;
+ } else {
+ /*
+ * We weren't expecting a CCS yet. Probably something got
+ * re-ordered or this is a retransmit. We should drop this and try
+ * again.
+ */
+ s->init_num = 0;
+ goto redo;
+ }
+ }
+