Fix DTLS session resumption

[openssl.git] / ssl / d1_both.c

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 65a3a18bc4802fa428343e6e812d3548846d25d5..569b561e85992f8e7971e0ed778211d9227355f6 100644 (file)
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -467,7 +467,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
     }
 
     msg_hdr = &s->d1->r_msg_hdr;
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    memset(msg_hdr, 0, sizeof(*msg_hdr));
 
  again:
     i = dtls1_get_message_fragment(s, st1, stn, max, ok);
@@ -478,6 +478,12 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
         return i;
     }
 
+    if (mt >= 0 && s->s3->tmp.message_type != mt) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+        goto f_err;
+    }
+
     p = (unsigned char *)s->init_buf->data;
     msg_len = msg_hdr->msg_len;
 
@@ -497,7 +503,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
         s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
                         p, msg_len, s, s->msg_callback_arg);
 
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    memset(msg_hdr, 0, sizeof(*msg_hdr));
 
     /* Don't change sequence numbers while listening */
     if (!s->d1->listen)
@@ -1289,7 +1295,7 @@ unsigned int dtls1_min_mtu(SSL *s)
 void
 dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
 {
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    memset(msg_hdr, 0, sizeof(*msg_hdr));
     msg_hdr->type = *(data++);
     n2l3(data, msg_hdr->msg_len);
 
@@ -1298,13 +1304,6 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
     n2l3(data, msg_hdr->frag_len);
 }
 
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
-    memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
-
-    ccs_hdr->type = *(data++);
-}
-
 int dtls1_shutdown(SSL *s)
 {
     int ret;