PR: 2115

[openssl.git] / ssl / d1_both.c

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index b7ead8ad228eb18f363c61d8a19c081a67432b42..3b9c7567b55b7d4e7776ac15b66dc1cd8d01300a 100644 (file)
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -226,7 +226,7 @@ int dtls1_do_write(SSL *s, int type)
                        (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
 
        if (s->write_hash)
-               mac_size = EVP_MD_CTX_size(s->write_hash);
+               mac_size = EVP_MD_size(s->write_hash);
        else
                mac_size = 0;
 
@@ -765,6 +765,24 @@ int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
                p+=i;
                l=i;
 
+       /* Copy the finished so we can use it for
+        * renegotiation checks
+        */
+       if(s->type == SSL_ST_CONNECT)
+               {
+               OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+               memcpy(s->s3->previous_client_finished, 
+                      s->s3->tmp.finish_md, i);
+               s->s3->previous_client_finished_len=i;
+               }
+       else
+               {
+               OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+               memcpy(s->s3->previous_server_finished, 
+                      s->s3->tmp.finish_md, i);
+               s->s3->previous_server_finished_len=i;
+               }
+
 #ifdef OPENSSL_SYS_WIN16
                /* MSVC 1.5 does not clear the top bytes of the word unless
                 * I do this.