Add new function SSL_CTX_get_ssl_method().
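--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -155,6 +155,13 @@ IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
 dtls1_get_client_method,
 DTLSv1_2_enc_data)
+IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
+ DTLS_client_method,
+ ssl_undefined_function,
+ dtls1_connect,
+ dtls1_get_client_method,
+ DTLSv1_2_enc_data)
+
 int dtls1_connect(SSL *s)
 {
 BUF_MEM *buf=NULL;
@@ -549,13 +556,6 @@ int dtls1_connect(SSL *s)
 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
 if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
- /* Change to new shared key of SCTP-Auth,
- * will be ignored if no SCTP used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
-
 s->state=SSL3_ST_CW_FINISHED_A;
 s->init_num=0;
@@ -582,6 +582,16 @@ int dtls1_connect(SSL *s)
 goto end;
 }
+#ifndef OPENSSL_NO_SCTP
+ if (s->hit)
+ {
+ /* Change to new shared key of SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+ }
+#endif
+
 dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
 break;
@@ -624,6 +634,13 @@ int dtls1_connect(SSL *s)
 }
 else
 {
+#ifndef OPENSSL_NO_SCTP
+ /* Change to new shared key of SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
 #ifndef OPENSSL_NO_TLSEXT
 /* Allow NewSessionTicket if ticket expected */
 if (s->tlsext_ticket_expected)
@@ -785,12 +802,14 @@ static int dtls1_get_hello_verify(SSL *s)
 unsigned char *data;
 unsigned int cookie_len;
+ s->first_packet = 1;
 n=s->method->ssl_get_message(s,
 DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
 DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
 -1,
 s->max_cert_list,
 &ok);
+ s->first_packet = 0;
 if (!ok) return((int)n);
@@ -802,14 +821,16 @@ static int dtls1_get_hello_verify(SSL *s)
 }
 data = (unsigned char *)s->init_msg;
-
- if ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff)))
+#if 0
+ if (s->method->version != DTLS_ANY_VERSION &&
+ ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff))))
 {
 SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY,SSL_R_WRONG_SSL_VERSION);
 s->version=(s->version&0xff00)|data[1];
 al = SSL_AD_PROTOCOL_VERSION;
 goto f_err;
 }
+#endif
 data+=2;
 cookie_len = *(data++);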
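Review bot: The `#if 0` … `#endif` pair in the last hunk (dtls1_get_hello_verify) compiles out the HelloVerifyRequest version check for every method, so the new `s->method->version != DTLS_ANY_VERSION` guard inside it is dead code and the fixed-version clients also stop rejecting a mismatched server_version. If the intent is to follow RFC 6347 section 4.2.1, where the client must not use that field for version negotiation, delete the block and put a comment such as `/* HelloVerifyRequest server_version is not used for negotiation (RFC 6347 4.2.1); the version is enforced on ServerHello */` above `data+=2;`. Otherwise drop the `#if 0` so the guarded check stays active for the fixed-version methods. The code that validates the negotiated version is outside these hunks and should be confirmed, since after this change the two version bytes are skipped unchecked; the function body also continues past the end of the hunk.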