}
#endif
-enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)
{
int al;
long remain;
return MSG_PROCESS_ERROR;
}
-enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
{
int al, i;
i = s->s3->tmp.peer_finish_md_len;
- if (i < 0 || (unsigned long)i != PACKET_remaining(pkt)) {
+ if ((unsigned long)i != PACKET_remaining(pkt)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PROCESS_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
goto f_err;
s->s3->previous_server_finished_len = i;
}
- return MSG_PROCESS_CONTINUE_PROCESSING;
+ return MSG_PROCESS_FINISHED_READING;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
ossl_statem_set_error(s);
return l + SSL_HM_HEADER_LENGTH(s);
}
-enum WORK_STATE tls_finish_handshake(SSL *s, enum WORK_STATE wst)
+WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst)
{
void (*cb) (const SSL *ssl, int type, int val) = NULL;
#ifndef OPENSSL_NO_SCTP
if (SSL_IS_DTLS(s) && BIO_dgram_is_sctp(SSL_get_wbio(s))) {
- enum WORK_STATE ret;
+ WORK_STATE ret;
ret = dtls_wait_for_dry(s);
if (ret != WORK_FINISHED_CONTINUE)
return ret;
s->new_session = 0;
if (s->server) {
- s->renegotiate = 0;
- s->new_session = 0;
-
ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
s->ctx->stats.sess_accept_good++;
ret = SSL_PKEY_ECC;
}
#endif
+#ifndef OPENSSL_NO_GOST
else if (i == NID_id_GostR3410_2001) {
ret = SSL_PKEY_GOST01;
- } else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) {
+ } else if (i == NID_id_GostR3410_2012_256) {
+ ret = SSL_PKEY_GOST12_256;
+ } else if (i == NID_id_GostR3410_2012_512) {
+ ret = SSL_PKEY_GOST12_512;
+ }
+#endif
+ else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) {
/*
* For DH two cases: DH certificate signed with RSA and DH
* certificate signed with DSA.