Add new function SSL_CTX_get_ssl_method().

[openssl.git] / ssl / d1_clnt.c

diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index ec7ef0d8177483fb10f34462198a212a91b19daf..5f25dfc3401873b5056824b9277bd1e0f9899a89 100644 (file)
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -155,6 +155,13 @@ IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
                        dtls1_get_client_method,
                        DTLSv1_2_enc_data)
 
+IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
+                       DTLS_client_method,
+                       ssl_undefined_function,
+                       dtls1_connect,
+                       dtls1_get_client_method,
+                       DTLSv1_2_enc_data)
+
 int dtls1_connect(SSL *s)
        {
        BUF_MEM *buf=NULL;
@@ -549,13 +556,6 @@ int dtls1_connect(SSL *s)
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
 
-#ifndef OPENSSL_NO_SCTP
-                       /* Change to new shared key of SCTP-Auth,
-                        * will be ignored if no SCTP used.
-                        */
-                       BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
-
                        s->state=SSL3_ST_CW_FINISHED_A;
                        s->init_num=0;
 
@@ -582,6 +582,16 @@ int dtls1_connect(SSL *s)
                                goto end;
                                }
                        
+#ifndef OPENSSL_NO_SCTP
+                               if (s->hit)
+                                       {
+                                       /* Change to new shared key of SCTP-Auth,
+                                        * will be ignored if no SCTP used.
+                                        */
+                                       BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+                                       }
+#endif
+
                        dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
 
@@ -624,6 +634,13 @@ int dtls1_connect(SSL *s)
                                }
                        else
                                {
+#ifndef OPENSSL_NO_SCTP
+                               /* Change to new shared key of SCTP-Auth,
+                                * will be ignored if no SCTP used.
+                                */
+                               BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
 #ifndef OPENSSL_NO_TLSEXT
                                /* Allow NewSessionTicket if ticket expected */
                                if (s->tlsext_ticket_expected)
@@ -785,12 +802,14 @@ static int dtls1_get_hello_verify(SSL *s)
        unsigned char *data;
        unsigned int cookie_len;
 
+       s->first_packet = 1;
        n=s->method->ssl_get_message(s,
                DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
                DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
                -1,
                s->max_cert_list,
                &ok);
+       s->first_packet = 0;
 
        if (!ok) return((int)n);
 
@@ -802,14 +821,16 @@ static int dtls1_get_hello_verify(SSL *s)
                }
 
        data = (unsigned char *)s->init_msg;
-
-       if ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff)))
+#if 0
+       if (s->method->version != DTLS_ANY_VERSION &&
+               ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff))))
                {
                SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY,SSL_R_WRONG_SSL_VERSION);
                s->version=(s->version&0xff00)|data[1];
                al = SSL_AD_PROTOCOL_VERSION;
                goto f_err;
                }
+#endif
        data+=2;
 
        cookie_len = *(data++);