X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=ssl%2Fs3_clnt.c;fp=ssl%2Fs3_clnt.c;h=715f08bbfae9202a1786e06680e182f8370867c1;hb=473483d42db5d176946323ac390fcd3c80ea40e6;hp=9a7382525b364e73a16c30a165d916c4463671d3;hpb=76af303761670cd54a93f1b196bcd7b2eaf7c29c;p=openssl.git
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 9a7382525b..715f08bbfa 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -465,6 +465,7 @@ int tls_construct_client_hello(SSL *s)
 return 0;
 }
+#if 0
 int ssl3_get_server_hello(SSL *s)
 {
 int ok, al;
@@ -509,6 +510,7 @@ int ssl3_get_server_hello(SSL *s)
 s->state = SSL_ST_ERR;
 return (-1);
 }
+#endif
 enum MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, unsigned long n)
 {
@@ -1921,7 +1923,14 @@ enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, unsigned long n)
 }
 #endif
- return MSG_PROCESS_FINISHED_READING;
+#ifndef OPENSSL_NO_SCTP
+ /* Only applies to renegotiation */
+ if (SSL_IS_DTLS(s) && BIO_dgram_is_sctp(SSL_get_wbio(s))
+ && s->renegotiate != 0)
+ return MSG_PROCESS_CONTINUE_PROCESSING;
+ else
+#endif
+ return MSG_PROCESS_FINISHED_READING;
 }
 int ssl3_send_client_key_exchange(SSL *s)
@@ -2554,6 +2563,29 @@ int tls_client_key_exchange_post_work(SSL *s)
 SSLerr(SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK, ERR_R_INTERNAL_ERROR);
 goto err;
 }
+
+#ifndef OPENSSL_NO_SCTP
+ if (SSL_IS_DTLS(s)) {
+ unsigned char sctpauthkey[64];
+ char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+
+ /*
+ * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+ * used.
+ */
+ snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+ DTLS1_SCTP_AUTH_LABEL);
+
+ if (SSL_export_keying_material(s, sctpauthkey,
+ sizeof(sctpauthkey), labelbuffer,
+ sizeof(labelbuffer), NULL, 0, 0) <= 0)
+ goto err;
+
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+ sizeof(sctpauthkey), sctpauthkey);
+ }
+#endif
+
 return 1;
 err:
 OPENSSL_clear_free(pms, pmslen);
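Review bot: In the tls_process_server_done hunk the new `else` sits directly before `#endif`, so the final `return MSG_PROCESS_FINISHED_READING;` is an else-branch in SCTP builds and a plain statement when OPENSSL_NO_SCTP is defined. Because the `if` branch already returns, the `else` can simply be dropped and the last return kept at function indentation, which removes the preprocessor-dependent dangling branch. The comment `/* Only applies to renegotiation */` would also help more if it said why processing has to continue in that case; the reason is not visible from the hunk.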
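Review bot: `sctpauthkey` holds exported keying material and is left on the stack on both the success path and the `goto err` path in the tls_client_key_exchange_post_work hunk; the `err:` label visible at the end of the hunk only clears `pms`. Adding `OPENSSL_cleanse(sctpauthkey, sizeof(sctpauthkey));` after the `BIO_ctrl` call and before the `goto err` in the export-failure branch would close that gap. The result of `BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY, ...)` is also ignored, so a failure to install the key would presumably go unnoticed and the handshake would carry on; consider checking it and taking the error path. The function body starts before this hunk and continues past it, so any later cleanup is not visible here.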