projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove ssl3_check_finished.
[openssl.git] / ssl / d1_clnt.c
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 40acbb756b321d7d18b1c817603ede293d8a8f17..171d144586232b2fce1e457ff915b4ec1acf781e 100644 (file)
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -388,20 +388,6 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CR_CERT_A:
                case SSL3_ST_CR_CERT_B:
 
                case SSL3_ST_CR_CERT_A:
                case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
-                       ret=ssl3_check_finished(s);
-                       if (ret <= 0) goto end;
-                       if (ret == 2)
-                               {
-                               s->hit = 1;
-                               if (s->tlsext_ticket_expected)
-                                       s->state=SSL3_ST_CR_SESSION_TICKET_A;
-                               else
-                                       s->state=SSL3_ST_CR_FINISHED_A;
-                               s->init_num=0;
-                               break;
-                               }
-#endif
                        /* Check if it is anon DH or PSK */
                        if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
                            !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
                        /* Check if it is anon DH or PSK */
                        if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
                            !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
@@ -556,13 +542,6 @@ int dtls1_connect(SSL *s)
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
 
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
 
-#ifndef OPENSSL_NO_SCTP
-                       /* Change to new shared key of SCTP-Auth,
-                        * will be ignored if no SCTP used.
-                        */
-                       BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
-
                        s->state=SSL3_ST_CW_FINISHED_A;
                        s->init_num=0;
 
                        s->state=SSL3_ST_CW_FINISHED_A;
                        s->init_num=0;
 
@@ -589,6 +568,16 @@ int dtls1_connect(SSL *s)
                                goto end;
                                }
                        
                                goto end;
                                }
                        
+#ifndef OPENSSL_NO_SCTP
+                               if (s->hit)
+                                       {
+                                       /* Change to new shared key of SCTP-Auth,
+                                        * will be ignored if no SCTP used.
+                                        */
+                                       BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+                                       }
+#endif
+
                        dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
 
                        dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
 
@@ -631,6 +620,13 @@ int dtls1_connect(SSL *s)
                                }
                        else
                                {
                                }
                        else
                                {
+#ifndef OPENSSL_NO_SCTP
+                               /* Change to new shared key of SCTP-Auth,
+                                * will be ignored if no SCTP used.
+                                */
+                               BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
 #ifndef OPENSSL_NO_TLSEXT
                                /* Allow NewSessionTicket if ticket expected */
                                if (s->tlsext_ticket_expected)
 #ifndef OPENSSL_NO_TLSEXT
                                /* Allow NewSessionTicket if ticket expected */
                                if (s->tlsext_ticket_expected)
@@ -840,4 +836,3 @@ f_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, al);
        return -1;
        }
        ssl3_send_alert(s, SSL3_AL_FATAL, al);
        return -1;
        }
-
Unnamed repository; edit this file 'description' to name the repository.