/*
* 'Change Cipher Spec' is just a single byte, which should already have
- * been consumed by ssl_get_message() so there should be no bytes left
+ * been consumed by ssl_get_message() so there should be no bytes left,
+ * unless we're using DTLS1_BAD_VER, which has an extra 2 bytes
*/
- if (n != 0) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_CHANGE_CIPHER_SPEC, SSL_R_BAD_CHANGE_CIPHER_SPEC);
- goto f_err;
+ if (SSL_IS_DTLS(s)) {
+ if ((s->version == DTLS1_BAD_VER && n != DTLS1_CCS_HEADER_LENGTH + 1)
+ || (s->version != DTLS1_BAD_VER
+ && n != DTLS1_CCS_HEADER_LENGTH - 1)) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CHANGE_CIPHER_SPEC, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+ goto f_err;
+ }
+ } else {
+ if (n != 0) {
+ al = SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CHANGE_CIPHER_SPEC, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+ goto f_err;
+ }
}
/* Check we have a cipher to change to */
goto f_err;
}
+ if (SSL_IS_DTLS(s)) {
+ dtls1_reset_seq_numbers(s, SSL3_CC_READ);
+
+ if (s->version == DTLS1_BAD_VER)
+ s->d1->handshake_read_seq++;
+
+#ifndef OPENSSL_NO_SCTP
+ /*
+ * Remember that a CCS has been received, so that an old key of
+ * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no
+ * SCTP is used
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
+#endif
+ }
+
return 1;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
ret = SSL_PKEY_ECC;
}
#endif
- else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) {
- ret = SSL_PKEY_GOST94;
- } else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) {
+ else if (i == NID_id_GostR3410_2001) {
ret = SSL_PKEY_GOST01;
} else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) {
/*