- if (which & SSL3_CC_READ) {
- if (s->ext.use_etm)
- s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- else
- s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
-
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
-
- if (s->enc_read_ctx != NULL) {
- reuse_dd = 1;
- } else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- } else {
- /*
- * make sure it's initialised in case we exit later with an error
- */
- EVP_CIPHER_CTX_reset(s->enc_read_ctx);
- }
- dd = s->enc_read_ctx;
- mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
- if (mac_ctx == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifndef OPENSSL_NO_COMP
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- if (comp != NULL) {
- s->expand = COMP_CTX_new(comp->method);
- if (s->expand == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS1_CHANGE_CIPHER_STATE,
- SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err;
- }
- }
-#endif
- /*
- * this is done by dtls1_reset_seq_numbers for DTLS
- */
- if (!SSL_IS_DTLS(s))
- RECORD_LAYER_reset_read_sequence(&s->rlayer);
- mac_secret = &(s->s3.read_mac_secret[0]);
- mac_secret_size = &(s->s3.read_mac_secret_size);
- } else {
- s->statem.enc_write_state = ENC_WRITE_STATE_INVALID;
- if (s->ext.use_etm)
- s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE;
- else
- s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE;
-
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
- if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s)) {
- reuse_dd = 1;
- } else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- dd = s->enc_write_ctx;
- if (SSL_IS_DTLS(s)) {
- mac_ctx = EVP_MD_CTX_new();
- if (mac_ctx == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s->write_hash = mac_ctx;
- } else {
- mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
- if (mac_ctx == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-#ifndef OPENSSL_NO_COMP
- COMP_CTX_free(s->compress);
- s->compress = NULL;
- if (comp != NULL) {
- s->compress = COMP_CTX_new(comp->method);
- if (s->compress == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS1_CHANGE_CIPHER_STATE,
- SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err;
- }
- }
-#endif
- /*
- * this is done by dtls1_reset_seq_numbers for DTLS
- */
- if (!SSL_IS_DTLS(s))
- RECORD_LAYER_reset_write_sequence(&s->rlayer);
- mac_secret = &(s->s3.write_mac_secret[0]);
- mac_secret_size = &(s->s3.write_mac_secret_size);
- }
-
- if (reuse_dd)
- EVP_CIPHER_CTX_reset(dd);
-