}
}
+ if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE)
+ {
+ rr->length = 0;
+ goto start;
+ }
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
!s->s3->renegotiate)
{
+ s->d1->handshake_read_seq++;
s->new_session = 1;
ssl3_renegotiate(s);
if (ssl3_renegotiate_check(s))
*(p++)=type&0xff;
wr->type=type;
-
- *(p++)=(s->version>>8);
- *(p++)=s->version&0xff;
+ /* Special case: for hello verify request, client version 1.0 and
+ * we haven't decided which version to use yet send back using
+ * version 1.0 header: otherwise some clients will ignore it.
+ */
+ if (s->method->version == DTLS_ANY_VERSION)
+ {
+ *(p++)=DTLS1_VERSION>>8;
+ *(p++)=DTLS1_VERSION&0xff;
+ }
+ else
+ {
+ *(p++)=s->version>>8;
+ *(p++)=s->version&0xff;
+ }
/* field where we are to write out packet epoch, seq num and len */
pseq=p;