memset(s->s3->client_random,0,sizeof(s->s3->client_random));
s->d1->send_cookie = 0;
s->hit = 0;
+ s->d1->change_cipher_spec_ok = 0;
+ /* Should have been reset by ssl3_get_finished, too. */
+ s->s3->change_cipher_spec = 0;
break;
#ifndef OPENSSL_NO_SCTP
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
- ret=ssl3_check_finished(s);
- if (ret <= 0) goto end;
- if (ret == 2)
- {
- s->hit = 1;
- if (s->tlsext_ticket_expected)
- s->state=SSL3_ST_CR_SESSION_TICKET_A;
- else
- s->state=SSL3_ST_CR_FINISHED_A;
- s->init_num=0;
- break;
- }
-#endif
/* Check if it is anon DH or PSK */
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
!(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
else
#endif
s->state=SSL3_ST_CW_CHANGE_A;
- s->s3->change_cipher_spec=0;
}
s->init_num=0;
#endif
s->state=SSL3_ST_CW_CHANGE_A;
s->init_num=0;
- s->s3->change_cipher_spec=0;
break;
case SSL3_ST_CW_CHANGE_A:
SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
- /* Change to new shared key of SCTP-Auth,
- * will be ignored if no SCTP used.
- */
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
-
s->state=SSL3_ST_CW_FINISHED_A;
s->init_num=0;
goto end;
}
+#ifndef OPENSSL_NO_SCTP
+ if (s->hit)
+ {
+ /* Change to new shared key of SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+ }
+#endif
+
dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
break;
}
else
{
+#ifndef OPENSSL_NO_SCTP
+ /* Change to new shared key of SCTP-Auth,
+ * will be ignored if no SCTP used.
+ */
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
#ifndef OPENSSL_NO_TLSEXT
/* Allow NewSessionTicket if ticket expected */
if (s->tlsext_ticket_expected)
ssl3_send_alert(s, SSL3_AL_FATAL, al);
return -1;
}
-