authorbeck <>2017-05-07 04:22:24 +0000
committerbeck <>2017-05-07 04:22:24 +0000
commit3b455600d14ddcf2be0dcd2d4765d1b7854cd1c5 (patch)
tree9f980ffff8490ca0af628971a6d8ceb4a23d3b99 /src/lib/libssl/d1_clnt.c
parent2145114fc4f04a6a75134ef92bc551a976292150 (diff)
Move state from ssl->internal to the handshake structure.
While we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it.
ok jsing@
Diffstat (limited to 'src/lib/libssl/d1_clnt.c')
-rw-r--r--src/lib/libssl/d1_clnt.c72
1 files changed, 36 insertions, 36 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 802aa5cde0..3eebf98417 100644
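--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.75 2017/05/06 22:24:57 beck Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.76 2017/05/07 04:22:24 beck Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -198,12 +198,12 @@ dtls1_connect(SSL *s)
 
 
  for (;;) {
- state = s->internal->state;
+ state = S3I(s)->hs.state;
 
- switch (s->internal->state) {
+ switch (S3I(s)->hs.state) {
  case SSL_ST_RENEGOTIATE:
  s->internal->renegotiate = 1;
- s->internal->state = SSL_ST_CONNECT;
+ S3I(s)->hs.state = SSL_ST_CONNECT;
  s->ctx->internal->stats.sess_connect_renegotiate++;
  /* break */
  case SSL_ST_BEFORE:
@@ -239,7 +239,7 @@ dtls1_connect(SSL *s)
 
  /* don't push the buffering BIO quite yet */
 
- s->internal->state = SSL3_ST_CW_CLNT_HELLO_A;
+ S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
  s->ctx->internal->stats.sess_connect++;
  s->internal->init_num = 0;
  /* mark client_random uninitialized */
@@ -267,10 +267,10 @@ dtls1_connect(SSL *s)
  goto end;
 
  if (D1I(s)->send_cookie) {
- s->internal->state = SSL3_ST_CW_FLUSH;
+ S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
  S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A;
  } else
- s->internal->state = SSL3_ST_CR_SRVR_HELLO_A;
+ S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
 
  s->internal->init_num = 0;
 
@@ -288,9 +288,9 @@ dtls1_connect(SSL *s)
  else {
  if (s->internal->hit) {
 
- s->internal->state = SSL3_ST_CR_FINISHED_A;
+ S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
  } else
- s->internal->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
+ S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
  }
  s->internal->init_num = 0;
  break;
@@ -303,9 +303,9 @@ dtls1_connect(SSL *s)
  goto end;
  dtls1_stop_timer(s);
  if ( D1I(s)->send_cookie) /* start again, with a cookie */
- s->internal->state = SSL3_ST_CW_CLNT_HELLO_A;
+ S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
  else
- s->internal->state = SSL3_ST_CR_CERT_A;
+ S3I(s)->hs.state = SSL3_ST_CR_CERT_A;
  s->internal->init_num = 0;
  break;
 
@@ -317,9 +317,9 @@ dtls1_connect(SSL *s)
  if (ret == 2) {
  s->internal->hit = 1;
  if (s->internal->tlsext_ticket_expected)
- s->internal->state = SSL3_ST_CR_SESSION_TICKET_A;
+ S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
  else
- s->internal->state = SSL3_ST_CR_FINISHED_A;
+ S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
  s->internal->init_num = 0;
  break;
  }
@@ -330,12 +330,12 @@ dtls1_connect(SSL *s)
  if (ret <= 0)
  goto end;
  if (s->internal->tlsext_status_expected)
- s->internal->state = SSL3_ST_CR_CERT_STATUS_A;
+ S3I(s)->hs.state = SSL3_ST_CR_CERT_STATUS_A;
  else
- s->internal->state = SSL3_ST_CR_KEY_EXCH_A;
+ S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
  } else {
  skip = 1;
- s->internal->state = SSL3_ST_CR_KEY_EXCH_A;
+ S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
  }
  s->internal->init_num = 0;
  break;
@@ -345,7 +345,7 @@ dtls1_connect(SSL *s)
  ret = ssl3_get_server_key_exchange(s);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CR_CERT_REQ_A;
+ S3I(s)->hs.state = SSL3_ST_CR_CERT_REQ_A;
  s->internal->init_num = 0;
 
  /* at this point we check that we have the
@@ -361,7 +361,7 @@ dtls1_connect(SSL *s)
  ret = ssl3_get_certificate_request(s);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CR_SRVR_DONE_A;
+ S3I(s)->hs.state = SSL3_ST_CR_SRVR_DONE_A;
  s->internal->init_num = 0;
  break;
 
@@ -376,7 +376,7 @@ dtls1_connect(SSL *s)
  else
  S3I(s)->hs.next_state = SSL3_ST_CW_KEY_EXCH_A;
  s->internal->init_num = 0;
- s->internal->state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.next_state;
  break;
 
  case SSL3_ST_CW_CERT_A:
@@ -387,7 +387,7 @@ dtls1_connect(SSL *s)
  ret = ssl3_send_client_certificate(s);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CW_KEY_EXCH_A;
+ S3I(s)->hs.state = SSL3_ST_CW_KEY_EXCH_A;
  s->internal->init_num = 0;
  break;
 
@@ -403,9 +403,9 @@ dtls1_connect(SSL *s)
  /* For TLS, cert_req is set to 2, so a cert chain
  * of nothing is sent, but no verify packet is sent */
  if (S3I(s)->tmp.cert_req == 1) {
- s->internal->state = SSL3_ST_CW_CERT_VRFY_A;
+ S3I(s)->hs.state = SSL3_ST_CW_CERT_VRFY_A;
  } else {
- s->internal->state = SSL3_ST_CW_CHANGE_A;
+ S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
  S3I(s)->change_cipher_spec = 0;
  }
 
@@ -418,7 +418,7 @@ dtls1_connect(SSL *s)
  ret = ssl3_send_client_verify(s);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CW_CHANGE_A;
+ S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
  s->internal->init_num = 0;
  S3I(s)->change_cipher_spec = 0;
  break;
@@ -432,7 +432,7 @@ dtls1_connect(SSL *s)
  if (ret <= 0)
  goto end;
 
- s->internal->state = SSL3_ST_CW_FINISHED_A;
+ S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
  s->internal->init_num = 0;
 
  s->session->cipher = S3I(s)->hs.new_cipher;
@@ -461,14 +461,14 @@ dtls1_connect(SSL *s)
  TLS_MD_CLIENT_FINISH_CONST_SIZE);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CW_FLUSH;
+ S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
 
  /* clear flags */
  s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
  if (s->internal->hit) {
  S3I(s)->hs.next_state = SSL_ST_OK;
  if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
- s->internal->state = SSL_ST_OK;
+ S3I(s)->hs.state = SSL_ST_OK;
  s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
  S3I(s)->delay_buf_pop_ret = 0;
  }
@@ -490,7 +490,7 @@ dtls1_connect(SSL *s)
  ret = ssl3_get_new_session_ticket(s);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CR_FINISHED_A;
+ S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
  s->internal->init_num = 0;
  break;
 
@@ -499,7 +499,7 @@ dtls1_connect(SSL *s)
  ret = ssl3_get_cert_status(s);
  if (ret <= 0)
  goto end;
- s->internal->state = SSL3_ST_CR_KEY_EXCH_A;
+ S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
  s->internal->init_num = 0;
  break;
 
@@ -513,9 +513,9 @@ dtls1_connect(SSL *s)
  dtls1_stop_timer(s);
 
  if (s->internal->hit)
- s->internal->state = SSL3_ST_CW_CHANGE_A;
+ S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
  else
- s->internal->state = SSL_ST_OK;
+ S3I(s)->hs.state = SSL_ST_OK;
 
 
  s->internal->init_num = 0;
@@ -527,14 +527,14 @@ dtls1_connect(SSL *s)
  /* If the write error was fatal, stop trying */
  if (!BIO_should_retry(s->wbio)) {
  s->internal->rwstate = SSL_NOTHING;
- s->internal->state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.next_state;
  }
 
  ret = -1;
  goto end;
  }
  s->internal->rwstate = SSL_NOTHING;
- s->internal->state = S3I(s)->hs.next_state;
+ S3I(s)->hs.state = S3I(s)->hs.next_state;
  break;
 
  case SSL_ST_OK:
@@ -583,11 +583,11 @@ dtls1_connect(SSL *s)
  goto end;
  }
 
- if ((cb != NULL) && (s->internal->state != state)) {
- new_state = s->internal->state;
- s->internal->state = state;
+ if ((cb != NULL) && (S3I(s)->hs.state != state)) {
+ new_state = S3I(s)->hs.state;
+ S3I(s)->hs.state = state;
  cb(s, SSL_CB_CONNECT_LOOP, 1);
- s->internal->state = new_state;
+ S3I(s)->hs.state = new_state;
  }
  }
  skip = 0;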
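Review bot: Every handshake-state read and write in dtls1_connect now goes through `S3I(s)`, and none of the rewritten sites (for example the loop head at new lines 201–203 and the callback window at 586–590) checks that the structure behind the macro exists. The macro is defined outside this diff, so this is inferred, but it presumably reaches through `s->s3`, which the old `s->internal->state` did not; the commit message itself anticipates allocating the handshake structure later and checking for it. I would record the invariant where the loop starts, e.g. `/* S3I(s)->hs stays valid for the whole handshake loop; revisit if hs becomes separately allocated */`, and use `switch (state)` at line 203 rather than evaluating `S3I(s)->hs.state` a second time. dtls1_connect begins and ends outside the hunks shown.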