- int reuse_dd = 0;
-#ifndef OPENSSL_NO_KTLS
- struct tls12_crypto_info_aes_gcm_128 crypto_info;
- BIO *wbio;
- unsigned char geniv[12];
-#endif
-
- c = s->s3->tmp.new_sym_enc;
- m = s->s3->tmp.new_hash;
- mac_type = s->s3->tmp.new_mac_pkey_type;
-#ifndef OPENSSL_NO_COMP
- comp = s->s3->tmp.new_compression;
-#endif
-
- if (which & SSL3_CC_READ) {
- if (s->ext.use_etm)
- s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- else
- s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
-
- if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
-
- if (s->enc_read_ctx != NULL) {
- reuse_dd = 1;
- } else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- } else {
- /*
- * make sure it's initialised in case we exit later with an error
- */
- EVP_CIPHER_CTX_reset(s->enc_read_ctx);
- }
- dd = s->enc_read_ctx;
- mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
- if (mac_ctx == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifndef OPENSSL_NO_COMP
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- if (comp != NULL) {
- s->expand = COMP_CTX_new(comp->method);
- if (s->expand == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS1_CHANGE_CIPHER_STATE,
- SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err;
- }
- }
-#endif
- /*
- * this is done by dtls1_reset_seq_numbers for DTLS
- */
- if (!SSL_IS_DTLS(s))
- RECORD_LAYER_reset_read_sequence(&s->rlayer);
- mac_secret = &(s->s3->read_mac_secret[0]);
- mac_secret_size = &(s->s3->read_mac_secret_size);
- } else {
- s->statem.enc_write_state = ENC_WRITE_STATE_INVALID;
- if (s->ext.use_etm)
- s->s3->flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE;
- else
- s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE;