int client_write;
EVP_CIPHER_CTX *dd;
const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
const SSL_COMP *comp;
+#endif
const EVP_MD *m;
int is_export,n,i,j,k,exp_label_len,cl;
int reuse_dd = 0;
is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
c=s->s3->tmp.new_sym_enc;
m=s->s3->tmp.new_hash;
+#ifndef OPENSSL_NO_COMP
comp=s->s3->tmp.new_compression;
+#endif
key_block=s->s3->tmp.key_block;
#ifdef KSSL_DEBUG
goto err;
dd= s->enc_read_ctx;
s->read_hash=m;
+#ifndef OPENSSL_NO_COMP
if (s->expand != NULL)
{
COMP_CTX_free(s->expand);
if (s->s3->rrec.comp == NULL)
goto err;
}
- memset(&(s->s3->read_sequence[0]),0,8);
+#endif
+ /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
+ if (s->version != DTLS1_VERSION)
+ memset(&(s->s3->read_sequence[0]),0,8);
mac_secret= &(s->s3->read_mac_secret[0]);
}
else
goto err;
dd= s->enc_write_ctx;
s->write_hash=m;
+#ifndef OPENSSL_NO_COMP
if (s->compress != NULL)
{
COMP_CTX_free(s->compress);
goto err2;
}
}
- memset(&(s->s3->write_sequence[0]),0,8);
+#endif
+ /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
+ if (s->version != DTLS1_VERSION)
+ memset(&(s->s3->write_sequence[0]),0,8);
mac_secret= &(s->s3->write_mac_secret[0]);
}
{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
#endif
- for (i=7; i>=0; i--)
- {
- ++seq[i];
- if (seq[i] != 0) break;
+ if ( SSL_version(ssl) != DTLS1_VERSION)
+ {
+ for (i=7; i>=0; i--)
+ {
+ ++seq[i];
+ if (seq[i] != 0) break;
+ }
}
#ifdef TLS_DEBUG
case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED);
case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
+ case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return
+ (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
default: return(-1);
}
}