Respect cookie length set by app_gen_cookie_cb.

[openssl.git] / ssl / d1_srvr.c

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 14fdcff03b6e600ae14a3f7e36d1f650ccb521b1..940110500298962f8312244c18d0bef855aa9cd4 100644 (file)
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -627,8 +627,6 @@ int dtls1_send_hello_verify_request(SSL *s)
                *(p++) = s->version >> 8;
                *(p++) = s->version & 0xFF;
 
-               *(p++) = (unsigned char) s->d1->cookie_len;
-
                if (s->ctx->app_gen_cookie_cb != NULL &&
                    s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 
                        &(s->d1->cookie_len)) == 0)
@@ -639,6 +637,7 @@ int dtls1_send_hello_verify_request(SSL *s)
                /* else the cookie is assumed to have 
                 * been initialized by the application */
 
+               *(p++) = (unsigned char) s->d1->cookie_len;
                memcpy(p, s->d1->cookie, s->d1->cookie_len);
                p += s->d1->cookie_len;
                msg_len = p - msg;