Fix install problems on MacOS X and HP-UX.

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index bfcd7d9191ffc369d9cf5cf89a1dcd5e8e4f50d7..c544c764950cffd16bf18640874ac9c262ec6311 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -231,7 +231,9 @@ int tls1_change_cipher_state(SSL *s, int which)
        int client_write;
        EVP_CIPHER_CTX *dd;
        const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
        const SSL_COMP *comp;
+#endif
        const EVP_MD *m;
        int is_export,n,i,j,k,exp_label_len,cl;
        int reuse_dd = 0;
@@ -239,7 +241,9 @@ int tls1_change_cipher_state(SSL *s, int which)
        is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
        c=s->s3->tmp.new_sym_enc;
        m=s->s3->tmp.new_hash;
+#ifndef OPENSSL_NO_COMP
        comp=s->s3->tmp.new_compression;
+#endif
        key_block=s->s3->tmp.key_block;
 
 #ifdef KSSL_DEBUG
@@ -265,6 +269,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                        goto err;
                dd= s->enc_read_ctx;
                s->read_hash=m;
+#ifndef OPENSSL_NO_COMP
                if (s->expand != NULL)
                        {
                        COMP_CTX_free(s->expand);
@@ -284,7 +289,10 @@ int tls1_change_cipher_state(SSL *s, int which)
                        if (s->s3->rrec.comp == NULL)
                                goto err;
                        }
-               memset(&(s->s3->read_sequence[0]),0,8);
+#endif
+               /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
+               if (s->version != DTLS1_VERSION)
+                       memset(&(s->s3->read_sequence[0]),0,8);
                mac_secret= &(s->s3->read_mac_secret[0]);
                }
        else
@@ -299,6 +307,7 @@ int tls1_change_cipher_state(SSL *s, int which)
                        goto err;
                dd= s->enc_write_ctx;
                s->write_hash=m;
+#ifndef OPENSSL_NO_COMP
                if (s->compress != NULL)
                        {
                        COMP_CTX_free(s->compress);
@@ -313,7 +322,10 @@ int tls1_change_cipher_state(SSL *s, int which)
                                goto err2;
                                }
                        }
-               memset(&(s->s3->write_sequence[0]),0,8);
+#endif
+               /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
+               if (s->version != DTLS1_VERSION)
+                       memset(&(s->s3->write_sequence[0]),0,8);
                mac_secret= &(s->s3->write_mac_secret[0]);
                }
 
@@ -742,10 +754,13 @@ printf("rec=");
 {unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
 #endif
 
-       for (i=7; i>=0; i--)
-               {
-               ++seq[i];
-               if (seq[i] != 0) break; 
+    if ( SSL_version(ssl) != DTLS1_VERSION)
+           {
+               for (i=7; i>=0; i--)
+                       {
+                       ++seq[i];
+                       if (seq[i] != 0) break; 
+                       }
                }
 
 #ifdef TLS_DEBUG
@@ -808,6 +823,8 @@ int tls1_alert_code(int code)
        case SSL_AD_INTERNAL_ERROR:     return(TLS1_AD_INTERNAL_ERROR);
        case SSL_AD_USER_CANCELLED:     return(TLS1_AD_USER_CANCELLED);
        case SSL_AD_NO_RENEGOTIATION:   return(TLS1_AD_NO_RENEGOTIATION);
+       case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return 
+                                         (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
        default:                        return(-1);
                }
        }