authorbeck <>2017-01-23 08:48:45 +0000
committerbeck <>2017-01-23 08:48:45 +0000
commit61af17199189570a4400f2757a9e8dab4bb76d2a (patch)
treee1f210556179334ded73129e6e0733758fe22365 /src/lib/libssl/d1_srvr.c
parentc85967e4f9c3e1f3b3217545939f1d44ddf9f103 (diff)
send state and rstate from ssl_st into internal. There are accessors,
so these should not be diddled with directly.

ok jsing@
Diffstat (limited to 'src/lib/libssl/d1_srvr.c')
-rw-r--r--src/lib/libssl/d1_srvr.c92
1 files changed, 46 insertions, 46 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 78816cda46..81a05eb30e 100644
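--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.76 2017/01/23 06:45:30 beck Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.77 2017/01/23 08:48:44 beck Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -209,12 +209,12 @@ dtls1_accept(SSL *s)
  }
 
  for (;;) {
- state = s->state;
+ state = s->internal->state;
 
- switch (s->state) {
+ switch (s->internal->state) {
  case SSL_ST_RENEGOTIATE:
  s->internal->renegotiate = 1;
- /* s->state=SSL_ST_ACCEPT; */
+ /* s->internal->state=SSL_ST_ACCEPT; */
 
  case SSL_ST_BEFORE:
  case SSL_ST_ACCEPT:
@@ -243,7 +243,7 @@ dtls1_accept(SSL *s)
 
  s->internal->init_num = 0;
 
- if (s->state != SSL_ST_RENEGOTIATE) {
+ if (s->internal->state != SSL_ST_RENEGOTIATE) {
  /* Ok, we now need to push on a buffering BIO so that
  * the output is sent in a way that TCP likes :-)
  * ...but not with SCTP :-)
@@ -258,13 +258,13 @@ dtls1_accept(SSL *s)
  goto end;
  }
 
- s->state = SSL3_ST_SR_CLNT_HELLO_A;
+ s->internal->state = SSL3_ST_SR_CLNT_HELLO_A;
  s->ctx->internal->stats.sess_accept++;
  } else {
- /* s->state == SSL_ST_RENEGOTIATE,
+ /* s->internal->state == SSL_ST_RENEGOTIATE,
  * we will just send a HelloRequest */
  s->ctx->internal->stats.sess_accept_renegotiate++;
- s->state = SSL3_ST_SW_HELLO_REQ_A;
+ s->internal->state = SSL3_ST_SW_HELLO_REQ_A;
  }
 
  break;
@@ -279,7 +279,7 @@ dtls1_accept(SSL *s)
  if (ret <= 0)
  goto end;
  S3I(s)->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
- s->state = SSL3_ST_SW_FLUSH;
+ s->internal->state = SSL3_ST_SW_FLUSH;
  s->internal->init_num = 0;
 
  if (!tls1_init_finished_mac(s)) {
@@ -289,7 +289,7 @@ dtls1_accept(SSL *s)
  break;
 
  case SSL3_ST_SW_HELLO_REQ_C:
- s->state = SSL_ST_OK;
+ s->internal->state = SSL_ST_OK;
  break;
 
  case SSL3_ST_SR_CLNT_HELLO_A:
@@ -303,9 +303,9 @@ dtls1_accept(SSL *s)
  dtls1_stop_timer(s);
 
  if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
- s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
+ s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
  else
- s->state = SSL3_ST_SW_SRVR_HELLO_A;
+ s->internal->state = SSL3_ST_SW_SRVR_HELLO_A;
 
  s->internal->init_num = 0;
 
@@ -315,7 +315,7 @@ dtls1_accept(SSL *s)
  }
 
  /* If we're just listening, stop here */
- if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
+ if (listen && s->internal->state == SSL3_ST_SW_SRVR_HELLO_A) {
  ret = 2;
  D1I(s)->listen = 0;
  /* Set expected sequence numbers
@@ -335,7 +335,7 @@ dtls1_accept(SSL *s)
  ret = dtls1_send_hello_verify_request(s);
  if (ret <= 0)
  goto end;
- s->state = SSL3_ST_SW_FLUSH;
+ s->internal->state = SSL3_ST_SW_FLUSH;
  S3I(s)->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
 
  /* HelloVerifyRequest resets Finished MAC */
@@ -356,11 +356,11 @@ dtls1_accept(SSL *s)
 
  if (s->internal->hit) {
  if (s->internal->tlsext_ticket_expected)
- s->state = SSL3_ST_SW_SESSION_TICKET_A;
+ s->internal->state = SSL3_ST_SW_SESSION_TICKET_A;
  else
- s->state = SSL3_ST_SW_CHANGE_A;
+ s->internal->state = SSL3_ST_SW_CHANGE_A;
  } else
- s->state = SSL3_ST_SW_CERT_A;
+ s->internal->state = SSL3_ST_SW_CERT_A;
  s->internal->init_num = 0;
  break;
 
@@ -374,12 +374,12 @@ dtls1_accept(SSL *s)
  if (ret <= 0)
  goto end;
  if (s->internal->tlsext_status_expected)
- s->state = SSL3_ST_SW_CERT_STATUS_A;
+ s->internal->state = SSL3_ST_SW_CERT_STATUS_A;
  else
- s->state = SSL3_ST_SW_KEY_EXCH_A;
+ s->internal->state = SSL3_ST_SW_KEY_EXCH_A;
  } else {
  skip = 1;
- s->state = SSL3_ST_SW_KEY_EXCH_A;
+ s->internal->state = SSL3_ST_SW_KEY_EXCH_A;
  }
  s->internal->init_num = 0;
  break;
@@ -397,7 +397,7 @@ dtls1_accept(SSL *s)
  } else
  skip = 1;
 
- s->state = SSL3_ST_SW_CERT_REQ_A;
+ s->internal->state = SSL3_ST_SW_CERT_REQ_A;
  s->internal->init_num = 0;
  break;
 
@@ -429,14 +429,14 @@ dtls1_accept(SSL *s)
  /* no cert request */
  skip = 1;
  S3I(s)->tmp.cert_request = 0;
- s->state = SSL3_ST_SW_SRVR_DONE_A;
+ s->internal->state = SSL3_ST_SW_SRVR_DONE_A;
  } else {
  S3I(s)->tmp.cert_request = 1;
  dtls1_start_timer(s);
  ret = ssl3_send_certificate_request(s);
  if (ret <= 0)
  goto end;
- s->state = SSL3_ST_SW_SRVR_DONE_A;
+ s->internal->state = SSL3_ST_SW_SRVR_DONE_A;
  s->internal->init_num = 0;
  }
  break;
@@ -448,7 +448,7 @@ dtls1_accept(SSL *s)
  if (ret <= 0)
  goto end;
  S3I(s)->tmp.next_state = SSL3_ST_SR_CERT_A;
- s->state = SSL3_ST_SW_FLUSH;
+ s->internal->state = SSL3_ST_SW_FLUSH;
  s->internal->init_num = 0;
  break;
 
@@ -458,14 +458,14 @@ dtls1_accept(SSL *s)
  /* If the write error was fatal, stop trying */
  if (!BIO_should_retry(s->wbio)) {
  s->internal->rwstate = SSL_NOTHING;
- s->state = S3I(s)->tmp.next_state;
+ s->internal->state = S3I(s)->tmp.next_state;
  }
 
  ret = -1;
  goto end;
  }
  s->internal->rwstate = SSL_NOTHING;
- s->state = S3I(s)->tmp.next_state;
+ s->internal->state = S3I(s)->tmp.next_state;
  break;
 
  case SSL3_ST_SR_CERT_A:
@@ -476,7 +476,7 @@ dtls1_accept(SSL *s)
  goto end;
  }
  s->internal->init_num = 0;
- s->state = SSL3_ST_SR_KEY_EXCH_A;
+ s->internal->state = SSL3_ST_SR_KEY_EXCH_A;
  break;
 
  case SSL3_ST_SR_KEY_EXCH_A:
@@ -485,7 +485,7 @@ dtls1_accept(SSL *s)
  if (ret <= 0)
  goto end;
 
- s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->internal->state = SSL3_ST_SR_CERT_VRFY_A;
  s->internal->init_num = 0;
 
  if (ret == 2) {
@@ -494,10 +494,10 @@ dtls1_accept(SSL *s)
  * a certificate, the CertificateVerify
  * message is not sent.
  */
- s->state = SSL3_ST_SR_FINISHED_A;
+ s->internal->state = SSL3_ST_SR_FINISHED_A;
  s->internal->init_num = 0;
  } else if (SSL_USE_SIGALGS(s)) {
- s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->internal->state = SSL3_ST_SR_CERT_VRFY_A;
  s->internal->init_num = 0;
  if (!s->session->peer)
  break;
@@ -518,7 +518,7 @@ dtls1_accept(SSL *s)
  goto end;
  }
  } else {
- s->state = SSL3_ST_SR_CERT_VRFY_A;
+ s->internal->state = SSL3_ST_SR_CERT_VRFY_A;
  s->internal->init_num = 0;
 
  /* We need to get hashes here so if there is
@@ -539,7 +539,7 @@ dtls1_accept(SSL *s)
  ret = ssl3_get_cert_verify(s);
  if (ret <= 0)
  goto end;
- s->state = SSL3_ST_SR_FINISHED_A;
+ s->internal->state = SSL3_ST_SR_FINISHED_A;
  s->internal->init_num = 0;
  break;
 
@@ -552,11 +552,11 @@ dtls1_accept(SSL *s)
  goto end;
  dtls1_stop_timer(s);
  if (s->internal->hit)
- s->state = SSL_ST_OK;
+ s->internal->state = SSL_ST_OK;
  else if (s->internal->tlsext_ticket_expected)
- s->state = SSL3_ST_SW_SESSION_TICKET_A;
+ s->internal->state = SSL3_ST_SW_SESSION_TICKET_A;
  else
- s->state = SSL3_ST_SW_CHANGE_A;
+ s->internal->state = SSL3_ST_SW_CHANGE_A;
  s->internal->init_num = 0;
  break;
 
@@ -565,7 +565,7 @@ dtls1_accept(SSL *s)
  ret = ssl3_send_newsession_ticket(s);
  if (ret <= 0)
  goto end;
- s->state = SSL3_ST_SW_CHANGE_A;
+ s->internal->state = SSL3_ST_SW_CHANGE_A;
  s->internal->init_num = 0;
  break;
 
@@ -574,7 +574,7 @@ dtls1_accept(SSL *s)
  ret = ssl3_send_cert_status(s);
  if (ret <= 0)
  goto end;
- s->state = SSL3_ST_SW_KEY_EXCH_A;
+ s->internal->state = SSL3_ST_SW_KEY_EXCH_A;
  s->internal->init_num = 0;
  break;
 
@@ -595,7 +595,7 @@ dtls1_accept(SSL *s)
  goto end;
 
 
- s->state = SSL3_ST_SW_FINISHED_A;
+ s->internal->state = SSL3_ST_SW_FINISHED_A;
  s->internal->init_num = 0;
 
  if (!s->method->ssl3_enc->change_cipher_state(s,
@@ -615,7 +615,7 @@ dtls1_accept(SSL *s)
  s->method->ssl3_enc->server_finished_label_len);
  if (ret <= 0)
  goto end;
- s->state = SSL3_ST_SW_FLUSH;
+ s->internal->state = SSL3_ST_SW_FLUSH;
  if (s->internal->hit) {
  S3I(s)->tmp.next_state = SSL3_ST_SR_FINISHED_A;
 
@@ -672,11 +672,11 @@ dtls1_accept(SSL *s)
  goto end;
  }
 
- if ((cb != NULL) && (s->state != state)) {
- new_state = s->state;
- s->state = state;
+ if ((cb != NULL) && (s->internal->state != state)) {
+ new_state = s->internal->state;
+ s->internal->state = state;
  cb(s, SSL_CB_ACCEPT_LOOP, 1);
- s->state = new_state;
+ s->internal->state = new_state;
  }
  }
  skip = 0;
@@ -697,7 +697,7 @@ dtls1_send_hello_verify_request(SSL *s)
 {
  unsigned char *d, *p;
 
- if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
+ if (s->internal->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
  d = p = ssl3_handshake_msg_start(s,
  DTLS1_MT_HELLO_VERIFY_REQUEST);
 
@@ -718,9 +718,9 @@ dtls1_send_hello_verify_request(SSL *s)
 
  ssl3_handshake_msg_finish(s, p - d);
 
- s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
+ s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
  }
 
- /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
+ /* s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
  return (ssl3_handshake_write(s));
 }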
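Review bot: In the `SSL_ST_RENEGOTIATE` case of `dtls1_accept` (new line 217), the commit mechanically rewrites a commented-out assignment, `/* s->internal->state=SSL_ST_ACCEPT; */`, while the case still falls through into `SSL_ST_BEFORE`/`SSL_ST_ACCEPT` with no annotation. In a handshake state machine an unmarked fallthrough is easy to misread as a missing `break`, so I would replace the dead code with `/* FALLTHROUGH */`. The trailing `/* s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */` in `dtls1_send_hello_verify_request` has the same problem: it reads as a disabled statement but appears to be a note on the state at that point, which `/* state is DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B here */` would say directly. `dtls1_accept` starts and ends outside the hunks shown.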