Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset

[openssl.git] / ssl / d1_clnt.c

diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index b1f8c5e8f4969873fd674dd1f86ce6372d6e1a54..ea36ea448ae361b167b838b0982100428b6fe564 100644 (file)
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -135,6 +135,8 @@ static const SSL_METHOD *dtls1_get_client_method(int ver)
        {
        if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
                return(DTLSv1_client_method());
+       else if (ver == DTLS1_2_VERSION)
+               return(DTLSv1_2_client_method());
        else
                return(NULL);
        }
@@ -146,6 +148,20 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
                        dtls1_get_client_method,
                        DTLSv1_enc_data)
 
+IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
+                       DTLSv1_2_client_method,
+                       ssl_undefined_function,
+                       dtls1_connect,
+                       dtls1_get_client_method,
+                       DTLSv1_2_enc_data)
+
+IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
+                       DTLS_client_method,
+                       ssl_undefined_function,
+                       dtls1_connect,
+                       dtls1_get_client_method,
+                       DTLSv1_2_enc_data)
+
 int dtls1_connect(SSL *s)
        {
        BUF_MEM *buf=NULL;
@@ -251,6 +267,9 @@ int dtls1_connect(SSL *s)
                        memset(s->s3->client_random,0,sizeof(s->s3->client_random));
                        s->d1->send_cookie = 0;
                        s->hit = 0;
+                       s->d1->change_cipher_spec_ok = 0;
+                       /* Should have been reset by ssl3_get_finished, too. */
+                       s->s3->change_cipher_spec = 0;
                        break;
 
 #ifndef OPENSSL_NO_SCTP
@@ -372,20 +391,6 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CR_CERT_A:
                case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
-                       ret=ssl3_check_finished(s);
-                       if (ret <= 0) goto end;
-                       if (ret == 2)
-                               {
-                               s->hit = 1;
-                               if (s->tlsext_ticket_expected)
-                                       s->state=SSL3_ST_CR_SESSION_TICKET_A;
-                               else
-                                       s->state=SSL3_ST_CR_FINISHED_A;
-                               s->init_num=0;
-                               break;
-                               }
-#endif
                        /* Check if it is anon DH or PSK */
                        if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
                            !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
@@ -508,7 +513,6 @@ int dtls1_connect(SSL *s)
                                else
 #endif
                                        s->state=SSL3_ST_CW_CHANGE_A;
-                               s->s3->change_cipher_spec=0;
                                }
 
                        s->init_num=0;
@@ -529,7 +533,6 @@ int dtls1_connect(SSL *s)
 #endif
                                s->state=SSL3_ST_CW_CHANGE_A;
                        s->init_num=0;
-                       s->s3->change_cipher_spec=0;
                        break;
 
                case SSL3_ST_CW_CHANGE_A:
@@ -540,13 +543,6 @@ int dtls1_connect(SSL *s)
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
 
-#ifndef OPENSSL_NO_SCTP
-                       /* Change to new shared key of SCTP-Auth,
-                        * will be ignored if no SCTP used.
-                        */
-                       BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
-
                        s->state=SSL3_ST_CW_FINISHED_A;
                        s->init_num=0;
 
@@ -573,6 +569,16 @@ int dtls1_connect(SSL *s)
                                goto end;
                                }
                        
+#ifndef OPENSSL_NO_SCTP
+                               if (s->hit)
+                                       {
+                                       /* Change to new shared key of SCTP-Auth,
+                                        * will be ignored if no SCTP used.
+                                        */
+                                       BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+                                       }
+#endif
+
                        dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
 
@@ -615,6 +621,13 @@ int dtls1_connect(SSL *s)
                                }
                        else
                                {
+#ifndef OPENSSL_NO_SCTP
+                               /* Change to new shared key of SCTP-Auth,
+                                * will be ignored if no SCTP used.
+                                */
+                               BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
+#endif
+
 #ifndef OPENSSL_NO_TLSEXT
                                /* Allow NewSessionTicket if ticket expected */
                                if (s->tlsext_ticket_expected)
@@ -776,12 +789,14 @@ static int dtls1_get_hello_verify(SSL *s)
        unsigned char *data;
        unsigned int cookie_len;
 
+       s->first_packet = 1;
        n=s->method->ssl_get_message(s,
                DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
                DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
                -1,
                s->max_cert_list,
                &ok);
+       s->first_packet = 0;
 
        if (!ok) return((int)n);
 
@@ -793,14 +808,16 @@ static int dtls1_get_hello_verify(SSL *s)
                }
 
        data = (unsigned char *)s->init_msg;
-
-       if ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff)))
+#if 0
+       if (s->method->version != DTLS_ANY_VERSION &&
+               ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff))))
                {
                SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY,SSL_R_WRONG_SSL_VERSION);
                s->version=(s->version&0xff00)|data[1];
                al = SSL_AD_PROTOCOL_VERSION;
                goto f_err;
                }
+#endif
        data+=2;
 
        cookie_len = *(data++);
@@ -820,4 +837,3 @@ f_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, al);
        return -1;
        }
-