RAND_bytes updates

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 26f8415dcbb8fb34b3f94d8b5cdd41bbaa560303..e4a689ebc3343cb81ad313e647efd45333e2ec8e 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -404,9 +404,9 @@ int tls1_change_cipher_state(SSL *s, int which)
         }
 #endif
         /*
-         * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+         * this is done by dtls1_reset_seq_numbers for DTLS
          */
-        if (s->version != DTLS1_VERSION)
+        if (!SSL_IS_DTLS(s))
             memset(&(s->s3->read_sequence[0]), 0, 8);
         mac_secret = &(s->s3->read_mac_secret[0]);
         mac_secret_size = &(s->s3->read_mac_secret_size);
@@ -442,9 +442,9 @@ int tls1_change_cipher_state(SSL *s, int which)
         }
 #endif
         /*
-         * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+         * this is done by dtls1_reset_seq_numbers for DTLS
          */
-        if (s->version != DTLS1_VERSION)
+        if (!SSL_IS_DTLS(s))
             memset(&(s->s3->write_sequence[0]), 0, 8);
         mac_secret = &(s->s3->write_mac_secret[0]);
         mac_secret_size = &(s->s3->write_mac_secret_size);
@@ -1095,7 +1095,8 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
              * exchange and before certificate verify)
              */
             s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
-            ssl3_digest_cached_records(s);
+            if(!ssl3_digest_cached_records(s))
+                return -1;
         }
         hashlen = ssl_handshake_hash(s, hash, sizeof(hash));
 #ifdef SSL_DEBUG