projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix DTLS session resumption
[openssl.git] / ssl / d1_both.c
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 05b8f9e08a2a881958646f3b46b7b75b26913fb0..569b561e85992f8e7971e0ed778211d9227355f6 100644 (file)
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -478,6 +478,12 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
         return i;
     }
 
+    if (mt >= 0 && s->s3->tmp.message_type != mt) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+        goto f_err;
+    }
+
     p = (unsigned char *)s->init_buf->data;
     msg_len = msg_hdr->msg_len;
 
@@ -1298,13 +1304,6 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
     n2l3(data, msg_hdr->frag_len);
 }
 
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
-    memset(ccs_hdr, 0, sizeof(*ccs_hdr));
-
-    ccs_hdr->type = *(data++);
-}
-
 int dtls1_shutdown(SSL *s)
 {
     int ret;
Unnamed repository; edit this file 'description' to name the repository.