SSL_R_COOKIE_MISMATCH);
goto f_err;
}
-
- ret = 2;
+ /* Set to -2 so if successful we return 2 */
+ ret = -2;
}
p += cookie_len;
s->version = DTLS1_2_VERSION;
s->method = DTLSv1_2_server_method();
}
+ else if (tls1_suiteb(s))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+ s->version = s->client_version;
+ al = SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
else if (s->client_version <= DTLS1_VERSION &&
!(s->options & SSL_OP_NO_DTLSv1))
{
}
}
- if (ret < 0) ret=1;
+ if (ret < 0) ret=-ret;
if (0)
{
f_err:
}
err:
if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
- return(ret);
+ return ret < 0 ? -1 : ret;
}
int ssl3_send_server_hello(SSL *s)