Jettison DTLS over SCTP.

OpenBSD does not have SCTP support and it sees little use in the wild. OPENSSL_NO_SCTP is already specified via opensslfeatures.h, hence this is a code removal only and symbols should remain unchanged. ok beck@ miod@ tedu@
author: jsing <> 2015-02-09 10:53:28 +0000
committer: jsing <> 2015-02-09 10:53:28 +0000
commit: b6cf79472f84871a9cffc9c9ee7643d17e8943a4 (patch)
tree: 26c8e0794ca281a87b301ecbd4dde188ac6918e4 /src/lib/libssl/d1_clnt.c
parent: ba83f0a487d169240e07a7f1b6b97c6f5ae100ef (diff)
download: openbsd-b6cf79472f84871a9cffc9c9ee7643d17e8943a4.tar.gz
openbsd-b6cf79472f84871a9cffc9c9ee7643d17e8943a4.tar.bz2
openbsd-b6cf79472f84871a9cffc9c9ee7643d17e8943a4.zip
1 files changed, 1 insertions, 145 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index c344c1bcdc..cf25183de5 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.42 2015/02/06 08:30:23 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.43 2015/02/09 10:53:28 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -180,10 +180,6 @@ dtls1_connect(SSL *s)
        void (*cb)(const SSL *ssl, int type, int val) = NULL;
        int ret = -1;
        int new_state, state, skip = 0;
-#ifndef OPENSSL_NO_SCTP
-        unsigned char sctpauthkey[64];
-        char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
        ERR_clear_error();
        errno = 0;
@@ -197,14 +193,6 @@ dtls1_connect(SSL *s)
        if (!SSL_in_init(s) || SSL_in_before(s))
                SSL_clear(s);
-#ifndef OPENSSL_NO_SCTP
-        /* Notify SCTP BIO socket to enter handshake
-         * mode and prevent stream identifier other
-         * than 0. Will be ignored if no SCTP is used.
-         */
-        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
-            s->in_handshake, NULL);
-#endif
        for (;;) {
                state = s->state;
@@ -271,40 +259,6 @@ dtls1_connect(SSL *s)
                        s->hit = 0;
                        break;
-#ifndef OPENSSL_NO_SCTP
-                case DTLS1_SCTP_ST_CR_READ_SOCK:
-                        if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
-                                s->s3->in_read_app_data = 2;
-                                s->rwstate = SSL_READING;
-                                BIO_clear_retry_flags(SSL_get_rbio(s));
-                                BIO_set_retry_read(SSL_get_rbio(s));
-                                ret = -1;
-                                goto end;
-                        }
-                        s->state = s->s3->tmp.next_state;
-                        break;
-                case DTLS1_SCTP_ST_CW_WRITE_SOCK:
-                        /* read app data until dry event */
-                        ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
-                        if (ret < 0)
-                                goto end;
-                        if (ret == 0) {
-                                s->s3->in_read_app_data = 2;
-                                s->rwstate = SSL_READING;
-                                BIO_clear_retry_flags(SSL_get_rbio(s));
-                                BIO_set_retry_read(SSL_get_rbio(s));
-                                ret = -1;
-                                goto end;
-                        }
-                        s->state = s->d1->next_state;
-                        break;
-#endif
                case SSL3_ST_CW_CLNT_HELLO_A:
                case SSL3_ST_CW_CLNT_HELLO_B:
@@ -330,16 +284,9 @@ dtls1_connect(SSL *s)
                        s->init_num = 0;
-#ifndef OPENSSL_NO_SCTP
-                        /* Disable buffering for SCTP */
-                        if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-#endif
                                /* turn on buffering for the next lot of output */
                                if (s->bbio != s->wbio)
                                        s->wbio = BIO_push(s->bbio, s->wbio);
-#ifndef OPENSSL_NO_SCTP
-                        }
-#endif
                        break;
                case SSL3_ST_CR_SRVR_HELLO_A:
@@ -349,20 +296,6 @@ dtls1_connect(SSL *s)
                                goto end;
                        else {
                                if (s->hit) {
-#ifndef OPENSSL_NO_SCTP
-                                        /* Add new shared key for SCTP-Auth,
-                                         * will be ignored if no SCTP used.
-                                         */
-                                        snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                                            DTLS1_SCTP_AUTH_LABEL);
-                                        SSL_export_keying_material(s, sctpauthkey,
-                                            sizeof(sctpauthkey), labelbuffer,
-                                            sizeof(labelbuffer), NULL, 0, 0);
-                                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                                            sizeof(sctpauthkey), sctpauthkey);
-#endif
                                        s->state = SSL3_ST_CR_FINISHED_A;
                                } else
@@ -453,12 +386,6 @@ dtls1_connect(SSL *s)
                                s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
                        s->init_num = 0;
-#ifndef OPENSSL_NO_SCTP
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                            state == SSL_ST_RENEGOTIATE)
-                                s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
-                        else
-#endif
                                s->state = s->s3->tmp.next_state;
                        break;
@@ -481,22 +408,6 @@ dtls1_connect(SSL *s)
                        if (ret <= 0)
                                goto end;
-#ifndef OPENSSL_NO_SCTP
-                        /* Add new shared key for SCTP-Auth,
-                         * will be ignored if no SCTP used.
-                         */
-                        snprintf((char*)labelbuffer,
-                            sizeof(DTLS1_SCTP_AUTH_LABEL),
-                            DTLS1_SCTP_AUTH_LABEL);
-                        SSL_export_keying_material(s, sctpauthkey,
-                            sizeof(sctpauthkey), labelbuffer,
-                            sizeof(labelbuffer), NULL, 0, 0);
-                        BIO_ctrl(SSL_get_wbio(s),
-                            BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                            sizeof(sctpauthkey), sctpauthkey);
-#endif
                        /* EAY EAY EAY need to check for DH fix cert
                         * sent back */
@@ -505,12 +416,6 @@ dtls1_connect(SSL *s)
                        if (s->s3->tmp.cert_req == 1) {
                                s->state = SSL3_ST_CW_CERT_VRFY_A;
                        } else {
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                                        s->d1->next_state = SSL3_ST_CW_CHANGE_A;
-                                        s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                } else
-#endif
                                        s->state = SSL3_ST_CW_CHANGE_A;
                                s->s3->change_cipher_spec = 0;
                        }
@@ -524,12 +429,6 @@ dtls1_connect(SSL *s)
                        ret = dtls1_send_client_verify(s);
                        if (ret <= 0)
                                goto end;
-#ifndef OPENSSL_NO_SCTP
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                                s->d1->next_state = SSL3_ST_CW_CHANGE_A;
-                                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                        } else
-#endif
                                s->state = SSL3_ST_CW_CHANGE_A;
                        s->init_num = 0;
                        s->s3->change_cipher_spec = 0;
@@ -559,15 +458,6 @@ dtls1_connect(SSL *s)
                                goto end;
                        }
-#ifndef OPENSSL_NO_SCTP
-                        if (s->hit) {
-                                /* Change to new shared key of SCTP-Auth,
-                                 * will be ignored if no SCTP used.
-                                 */
-                                BIO_ctrl(SSL_get_wbio(s),
-                                    BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-                        }
-#endif
                        dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
@@ -588,31 +478,12 @@ dtls1_connect(SSL *s)
                        s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
                        if (s->hit) {
                                s->s3->tmp.next_state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                                        s->d1->next_state = s->s3->tmp.next_state;
-                                        s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                }
-#endif
                                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
                                        s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                                        if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                                                s->d1->next_state = SSL_ST_OK;
-                                                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                        }
-#endif
                                        s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
                                        s->s3->delay_buf_pop_ret = 0;
                                }
                        } else {
-#ifndef OPENSSL_NO_SCTP
-                                /* Change to new shared key of SCTP-Auth,
-                                 * will be ignored if no SCTP used.
-                                 */
-                                BIO_ctrl(SSL_get_wbio(s),
-                                    BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
                                /* Allow NewSessionTicket if ticket expected */
                                if (s->tlsext_ticket_expected)
@@ -657,13 +528,6 @@ dtls1_connect(SSL *s)
                        else
                                s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                            state == SSL_ST_RENEGOTIATE) {
-                                s->d1->next_state = s->state;
-                                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                        }
-#endif
                        s->init_num = 0;
                        break;
@@ -742,14 +606,6 @@ dtls1_connect(SSL *s)
 end:
        s->in_handshake--;
-#ifndef OPENSSL_NO_SCTP
-        /* Notify SCTP BIO socket to leave handshake
-         * mode and allow stream identifier other
-         * than 0. Will be ignored if no SCTP is used.
-         */
-        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
-            s->in_handshake, NULL);
-#endif
        if (buf != NULL)
                BUF_MEM_free(buf);
author	jsing <>	2015-02-09 10:53:28 +0000
committer	jsing <>	2015-02-09 10:53:28 +0000
commit	b6cf79472f84871a9cffc9c9ee7643d17e8943a4 (patch)
tree	26c8e0794ca281a87b301ecbd4dde188ac6918e4 /src/lib/libssl/d1_clnt.c
parent	ba83f0a487d169240e07a7f1b6b97c6f5ae100ef (diff)
download	openbsd-b6cf79472f84871a9cffc9c9ee7643d17e8943a4.tar.gz openbsd-b6cf79472f84871a9cffc9c9ee7643d17e8943a4.tar.bz2 openbsd-b6cf79472f84871a9cffc9c9ee7643d17e8943a4.zip

diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index c344c1bcdc..cf25183de5 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_clnt.c,v 1.42 2015/02/06 08:30:23 jsing Exp $ */	1	/* $OpenBSD: d1_clnt.c,v 1.43 2015/02/09 10:53:28 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -180,10 +180,6 @@ dtls1_connect(SSL *s)
180	void (cb)(const SSL ssl, int type, int val) = NULL;	180	void (cb)(const SSL ssl, int type, int val) = NULL;
181	int ret = -1;	181	int ret = -1;
182	int new_state, state, skip = 0;	182	int new_state, state, skip = 0;
183	#ifndef OPENSSL_NO_SCTP
184	unsigned char sctpauthkey[64];
185	char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
186	#endif
187		183
188	ERR_clear_error();	184	ERR_clear_error();
189	errno = 0;	185	errno = 0;
@@ -197,14 +193,6 @@ dtls1_connect(SSL *s)
197	if (!SSL_in_init(s) \|\| SSL_in_before(s))	193	if (!SSL_in_init(s) \|\| SSL_in_before(s))
198	SSL_clear(s);	194	SSL_clear(s);
199		195
200	#ifndef OPENSSL_NO_SCTP
201	/* Notify SCTP BIO socket to enter handshake
202	* mode and prevent stream identifier other
203	* than 0. Will be ignored if no SCTP is used.
204	*/
205	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
206	s->in_handshake, NULL);
207	#endif
208		196
209	for (;;) {	197	for (;;) {
210	state = s->state;	198	state = s->state;
@@ -271,40 +259,6 @@ dtls1_connect(SSL *s)
271	s->hit = 0;	259	s->hit = 0;
272	break;	260	break;
273		261
274	#ifndef OPENSSL_NO_SCTP
275	case DTLS1_SCTP_ST_CR_READ_SOCK:
276
277	if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
278	s->s3->in_read_app_data = 2;
279	s->rwstate = SSL_READING;
280	BIO_clear_retry_flags(SSL_get_rbio(s));
281	BIO_set_retry_read(SSL_get_rbio(s));
282	ret = -1;
283	goto end;
284	}
285
286	s->state = s->s3->tmp.next_state;
287	break;
288
289	case DTLS1_SCTP_ST_CW_WRITE_SOCK:
290	/* read app data until dry event */
291
292	ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
293	if (ret < 0)
294	goto end;
295
296	if (ret == 0) {
297	s->s3->in_read_app_data = 2;
298	s->rwstate = SSL_READING;
299	BIO_clear_retry_flags(SSL_get_rbio(s));
300	BIO_set_retry_read(SSL_get_rbio(s));
301	ret = -1;
302	goto end;
303	}
304
305	s->state = s->d1->next_state;
306	break;
307	#endif
308		262
309	case SSL3_ST_CW_CLNT_HELLO_A:	263	case SSL3_ST_CW_CLNT_HELLO_A:
310	case SSL3_ST_CW_CLNT_HELLO_B:	264	case SSL3_ST_CW_CLNT_HELLO_B:
@@ -330,16 +284,9 @@ dtls1_connect(SSL *s)
330		284
331	s->init_num = 0;	285	s->init_num = 0;
332		286
333	#ifndef OPENSSL_NO_SCTP
334	/* Disable buffering for SCTP */
335	if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
336	#endif
337	/* turn on buffering for the next lot of output */	287	/* turn on buffering for the next lot of output */
338	if (s->bbio != s->wbio)	288	if (s->bbio != s->wbio)
339	s->wbio = BIO_push(s->bbio, s->wbio);	289	s->wbio = BIO_push(s->bbio, s->wbio);
340	#ifndef OPENSSL_NO_SCTP
341	}
342	#endif
343	break;	290	break;
344		291
345	case SSL3_ST_CR_SRVR_HELLO_A:	292	case SSL3_ST_CR_SRVR_HELLO_A:
@@ -349,20 +296,6 @@ dtls1_connect(SSL *s)
349	goto end;	296	goto end;
350	else {	297	else {
351	if (s->hit) {	298	if (s->hit) {
352	#ifndef OPENSSL_NO_SCTP
353	/* Add new shared key for SCTP-Auth,
354	* will be ignored if no SCTP used.
355	*/
356	snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
357	DTLS1_SCTP_AUTH_LABEL);
358
359	SSL_export_keying_material(s, sctpauthkey,
360	sizeof(sctpauthkey), labelbuffer,
361	sizeof(labelbuffer), NULL, 0, 0);
362
363	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
364	sizeof(sctpauthkey), sctpauthkey);
365	#endif
366		299
367	s->state = SSL3_ST_CR_FINISHED_A;	300	s->state = SSL3_ST_CR_FINISHED_A;
368	} else	301	} else
@@ -453,12 +386,6 @@ dtls1_connect(SSL *s)
453	s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;	386	s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
454	s->init_num = 0;	387	s->init_num = 0;
455		388
456	#ifndef OPENSSL_NO_SCTP
457	if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
458	state == SSL_ST_RENEGOTIATE)
459	s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
460	else
461	#endif
462	s->state = s->s3->tmp.next_state;	389	s->state = s->s3->tmp.next_state;
463	break;	390	break;
464		391
@@ -481,22 +408,6 @@ dtls1_connect(SSL *s)
481	if (ret <= 0)	408	if (ret <= 0)
482	goto end;	409	goto end;
483		410
484	#ifndef OPENSSL_NO_SCTP
485	/* Add new shared key for SCTP-Auth,
486	* will be ignored if no SCTP used.
487	*/
488	snprintf((char*)labelbuffer,
489	sizeof(DTLS1_SCTP_AUTH_LABEL),
490	DTLS1_SCTP_AUTH_LABEL);
491
492	SSL_export_keying_material(s, sctpauthkey,
493	sizeof(sctpauthkey), labelbuffer,
494	sizeof(labelbuffer), NULL, 0, 0);
495
496	BIO_ctrl(SSL_get_wbio(s),
497	BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
498	sizeof(sctpauthkey), sctpauthkey);
499	#endif
500		411
501	/* EAY EAY EAY need to check for DH fix cert	412	/* EAY EAY EAY need to check for DH fix cert
502	* sent back */	413	* sent back */
@@ -505,12 +416,6 @@ dtls1_connect(SSL *s)
505	if (s->s3->tmp.cert_req == 1) {	416	if (s->s3->tmp.cert_req == 1) {
506	s->state = SSL3_ST_CW_CERT_VRFY_A;	417	s->state = SSL3_ST_CW_CERT_VRFY_A;
507	} else {	418	} else {
508	#ifndef OPENSSL_NO_SCTP
509	if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
510	s->d1->next_state = SSL3_ST_CW_CHANGE_A;
511	s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
512	} else
513	#endif
514	s->state = SSL3_ST_CW_CHANGE_A;	419	s->state = SSL3_ST_CW_CHANGE_A;
515	s->s3->change_cipher_spec = 0;	420	s->s3->change_cipher_spec = 0;
516	}	421	}
@@ -524,12 +429,6 @@ dtls1_connect(SSL *s)
524	ret = dtls1_send_client_verify(s);	429	ret = dtls1_send_client_verify(s);
525	if (ret <= 0)	430	if (ret <= 0)
526	goto end;	431	goto end;
527	#ifndef OPENSSL_NO_SCTP
528	if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
529	s->d1->next_state = SSL3_ST_CW_CHANGE_A;
530	s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
531	} else
532	#endif
533	s->state = SSL3_ST_CW_CHANGE_A;	432	s->state = SSL3_ST_CW_CHANGE_A;
534	s->init_num = 0;	433	s->init_num = 0;
535	s->s3->change_cipher_spec = 0;	434	s->s3->change_cipher_spec = 0;
@@ -559,15 +458,6 @@ dtls1_connect(SSL *s)
559	goto end;	458	goto end;
560	}	459	}
561		460
562	#ifndef OPENSSL_NO_SCTP
563	if (s->hit) {
564	/* Change to new shared key of SCTP-Auth,
565	* will be ignored if no SCTP used.
566	*/
567	BIO_ctrl(SSL_get_wbio(s),
568	BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
569	}
570	#endif
571		461
572	dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);	462	dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
573	break;	463	break;
@@ -588,31 +478,12 @@ dtls1_connect(SSL *s)
588	s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;	478	s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
589	if (s->hit) {	479	if (s->hit) {
590	s->s3->tmp.next_state = SSL_ST_OK;	480	s->s3->tmp.next_state = SSL_ST_OK;
591	#ifndef OPENSSL_NO_SCTP
592	if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
593	s->d1->next_state = s->s3->tmp.next_state;
594	s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
595	}
596	#endif
597	if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {	481	if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
598	s->state = SSL_ST_OK;	482	s->state = SSL_ST_OK;
599	#ifndef OPENSSL_NO_SCTP
600	if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
601	s->d1->next_state = SSL_ST_OK;
602	s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
603	}
604	#endif
605	s->s3->flags \|= SSL3_FLAGS_POP_BUFFER;	483	s->s3->flags \|= SSL3_FLAGS_POP_BUFFER;
606	s->s3->delay_buf_pop_ret = 0;	484	s->s3->delay_buf_pop_ret = 0;
607	}	485	}
608	} else {	486	} else {
609	#ifndef OPENSSL_NO_SCTP
610	/* Change to new shared key of SCTP-Auth,
611	* will be ignored if no SCTP used.
612	*/
613	BIO_ctrl(SSL_get_wbio(s),
614	BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
615	#endif
616		487
617	/* Allow NewSessionTicket if ticket expected */	488	/* Allow NewSessionTicket if ticket expected */
618	if (s->tlsext_ticket_expected)	489	if (s->tlsext_ticket_expected)
@@ -657,13 +528,6 @@ dtls1_connect(SSL *s)
657	else	528	else
658	s->state = SSL_ST_OK;	529	s->state = SSL_ST_OK;
659		530
660	#ifndef OPENSSL_NO_SCTP
661	if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
662	state == SSL_ST_RENEGOTIATE) {
663	s->d1->next_state = s->state;
664	s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
665	}
666	#endif
667		531
668	s->init_num = 0;	532	s->init_num = 0;
669	break;	533	break;
@@ -742,14 +606,6 @@ dtls1_connect(SSL *s)
742	end:	606	end:
743	s->in_handshake--;	607	s->in_handshake--;
744		608
745	#ifndef OPENSSL_NO_SCTP
746	/* Notify SCTP BIO socket to leave handshake
747	* mode and allow stream identifier other
748	* than 0. Will be ignored if no SCTP is used.
749	*/
750	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
751	s->in_handshake, NULL);
752	#endif
753		609
754	if (buf != NULL)	610	if (buf != NULL)
755	BUF_MEM_free(buf);	611	BUF_MEM_free(buf);