1 files changed, 20 insertions, 20 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index d4b8031150..af3196ff17 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.61 2017/01/22 07:16:38 beck Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.62 2017/01/22 09:02:07 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -270,7 +270,7 @@ dtls1_connect(SSL *s)
                        if (D1I(s)->send_cookie) {
                                s->state = SSL3_ST_CW_FLUSH;
-                                s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
+                                S3I(s)->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
                        } else
                                s->state = SSL3_ST_CR_SRVR_HELLO_A;
@@ -326,7 +326,7 @@ dtls1_connect(SSL *s)
                                break;
                        }
                        /* Check if it is anon DH. */
-                        if (!(s->s3->tmp.new_cipher->algorithm_auth &
+                        if (!(S3I(s)->tmp.new_cipher->algorithm_auth &
                            SSL_aNULL)) {
                                ret = ssl3_get_server_certificate(s);
                                if (ret <= 0)
@@ -373,12 +373,12 @@ dtls1_connect(SSL *s)
                        if (ret <= 0)
                                goto end;
                        dtls1_stop_timer(s);
-                        if (s->s3->tmp.cert_req)
+                        if (S3I(s)->tmp.cert_req)
-                                s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;
+                                S3I(s)->tmp.next_state = SSL3_ST_CW_CERT_A;
                        else
-                                s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
+                                S3I(s)->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
                        s->init_num = 0;
-                        s->state = s->s3->tmp.next_state;
+                        s->state = S3I(s)->tmp.next_state;
                        break;
                case SSL3_ST_CW_CERT_A:
@@ -404,11 +404,11 @@ dtls1_connect(SSL *s)
                         * sent back */
                        /* For TLS, cert_req is set to 2, so a cert chain
                         * of nothing is sent, but no verify packet is sent */
-                        if (s->s3->tmp.cert_req == 1) {
+                        if (S3I(s)->tmp.cert_req == 1) {
                                s->state = SSL3_ST_CW_CERT_VRFY_A;
                        } else {
                                s->state = SSL3_ST_CW_CHANGE_A;
-                                s->s3->change_cipher_spec = 0;
+                                S3I(s)->change_cipher_spec = 0;
                        }
                        s->init_num = 0;
@@ -422,7 +422,7 @@ dtls1_connect(SSL *s)
                                goto end;
                        s->state = SSL3_ST_CW_CHANGE_A;
                        s->init_num = 0;
-                        s->s3->change_cipher_spec = 0;
+                        S3I(s)->change_cipher_spec = 0;
                        break;
                case SSL3_ST_CW_CHANGE_A:
@@ -437,7 +437,7 @@ dtls1_connect(SSL *s)
                        s->state = SSL3_ST_CW_FINISHED_A;
                        s->init_num = 0;
-                        s->session->cipher = s->s3->tmp.new_cipher;
+                        s->session->cipher = S3I(s)->tmp.new_cipher;
                        if (!s->method->ssl3_enc->setup_key_block(s)) {
                                ret = -1;
                                goto end;
@@ -468,20 +468,20 @@ dtls1_connect(SSL *s)
                        /* clear flags */
                        s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
                        if (s->hit) {
-                                s->s3->tmp.next_state = SSL_ST_OK;
+                                S3I(s)->tmp.next_state = SSL_ST_OK;
                                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
                                        s->state = SSL_ST_OK;
                                        s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
-                                        s->s3->delay_buf_pop_ret = 0;
+                                        S3I(s)->delay_buf_pop_ret = 0;
                                }
                        } else {
                                /* Allow NewSessionTicket if ticket expected */
                                if (s->tlsext_ticket_expected)
-                                        s->s3->tmp.next_state =
+                                        S3I(s)->tmp.next_state =
                                            SSL3_ST_CR_SESSION_TICKET_A;
                                else
-                                        s->s3->tmp.next_state =
+                                        S3I(s)->tmp.next_state =
                                            SSL3_ST_CR_FINISHED_A;
                        }
                        s->init_num = 0;
@@ -529,14 +529,14 @@ dtls1_connect(SSL *s)
                                /* If the write error was fatal, stop trying */
                                if (!BIO_should_retry(s->wbio)) {
                                        s->rwstate = SSL_NOTHING;
-                                        s->state = s->s3->tmp.next_state;
+                                        s->state = S3I(s)->tmp.next_state;
                                }
                                ret = -1;
                                goto end;
                        }
                        s->rwstate = SSL_NOTHING;
-                        s->state = s->s3->tmp.next_state;
+                        s->state = S3I(s)->tmp.next_state;
                        break;
                case SSL_ST_OK:
@@ -579,7 +579,7 @@ dtls1_connect(SSL *s)
                }
                /* did we do anything */
-                if (!s->s3->tmp.reuse_message && !skip) {
+                if (!S3I(s)->tmp.reuse_message && !skip) {
                        if (s->debug) {
                                if ((ret = BIO_flush(s->wbio)) <= 0)
                                        goto end;
@@ -618,9 +618,9 @@ dtls1_get_hello_verify(SSL *s)
        if (!ok)
                return ((int)n);
-        if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
+        if (S3I(s)->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
                D1I(s)->send_cookie = 0;
-                s->s3->tmp.reuse_message = 1;
+                S3I(s)->tmp.reuse_message = 1;
                return (1);
        }

diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index d4b8031150..af3196ff17 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_clnt.c,v 1.61 2017/01/22 07:16:38 beck Exp $ */	1	/* $OpenBSD: d1_clnt.c,v 1.62 2017/01/22 09:02:07 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -270,7 +270,7 @@ dtls1_connect(SSL *s)
270		270
271	if (D1I(s)->send_cookie) {	271	if (D1I(s)->send_cookie) {
272	s->state = SSL3_ST_CW_FLUSH;	272	s->state = SSL3_ST_CW_FLUSH;
273	s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;	273	S3I(s)->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
274	} else	274	} else
275	s->state = SSL3_ST_CR_SRVR_HELLO_A;	275	s->state = SSL3_ST_CR_SRVR_HELLO_A;
276		276
@@ -326,7 +326,7 @@ dtls1_connect(SSL *s)
326	break;	326	break;
327	}	327	}
328	/* Check if it is anon DH. */	328	/* Check if it is anon DH. */
329	if (!(s->s3->tmp.new_cipher->algorithm_auth &	329	if (!(S3I(s)->tmp.new_cipher->algorithm_auth &
330	SSL_aNULL)) {	330	SSL_aNULL)) {
331	ret = ssl3_get_server_certificate(s);	331	ret = ssl3_get_server_certificate(s);
332	if (ret <= 0)	332	if (ret <= 0)
@@ -373,12 +373,12 @@ dtls1_connect(SSL *s)
373	if (ret <= 0)	373	if (ret <= 0)
374	goto end;	374	goto end;
375	dtls1_stop_timer(s);	375	dtls1_stop_timer(s);
376	if (s->s3->tmp.cert_req)	376	if (S3I(s)->tmp.cert_req)
377	s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;	377	S3I(s)->tmp.next_state = SSL3_ST_CW_CERT_A;
378	else	378	else
379	s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;	379	S3I(s)->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
380	s->init_num = 0;	380	s->init_num = 0;
381	s->state = s->s3->tmp.next_state;	381	s->state = S3I(s)->tmp.next_state;
382	break;	382	break;
383		383
384	case SSL3_ST_CW_CERT_A:	384	case SSL3_ST_CW_CERT_A:
@@ -404,11 +404,11 @@ dtls1_connect(SSL *s)
404	* sent back */	404	* sent back */
405	/* For TLS, cert_req is set to 2, so a cert chain	405	/* For TLS, cert_req is set to 2, so a cert chain
406	* of nothing is sent, but no verify packet is sent */	406	* of nothing is sent, but no verify packet is sent */
407	if (s->s3->tmp.cert_req == 1) {	407	if (S3I(s)->tmp.cert_req == 1) {
408	s->state = SSL3_ST_CW_CERT_VRFY_A;	408	s->state = SSL3_ST_CW_CERT_VRFY_A;
409	} else {	409	} else {
410	s->state = SSL3_ST_CW_CHANGE_A;	410	s->state = SSL3_ST_CW_CHANGE_A;
411	s->s3->change_cipher_spec = 0;	411	S3I(s)->change_cipher_spec = 0;
412	}	412	}
413		413
414	s->init_num = 0;	414	s->init_num = 0;
@@ -422,7 +422,7 @@ dtls1_connect(SSL *s)
422	goto end;	422	goto end;
423	s->state = SSL3_ST_CW_CHANGE_A;	423	s->state = SSL3_ST_CW_CHANGE_A;
424	s->init_num = 0;	424	s->init_num = 0;
425	s->s3->change_cipher_spec = 0;	425	S3I(s)->change_cipher_spec = 0;
426	break;	426	break;
427		427
428	case SSL3_ST_CW_CHANGE_A:	428	case SSL3_ST_CW_CHANGE_A:
@@ -437,7 +437,7 @@ dtls1_connect(SSL *s)
437	s->state = SSL3_ST_CW_FINISHED_A;	437	s->state = SSL3_ST_CW_FINISHED_A;
438	s->init_num = 0;	438	s->init_num = 0;
439		439
440	s->session->cipher = s->s3->tmp.new_cipher;	440	s->session->cipher = S3I(s)->tmp.new_cipher;
441	if (!s->method->ssl3_enc->setup_key_block(s)) {	441	if (!s->method->ssl3_enc->setup_key_block(s)) {
442	ret = -1;	442	ret = -1;
443	goto end;	443	goto end;
@@ -468,20 +468,20 @@ dtls1_connect(SSL *s)
468	/* clear flags */	468	/* clear flags */
469	s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;	469	s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
470	if (s->hit) {	470	if (s->hit) {
471	s->s3->tmp.next_state = SSL_ST_OK;	471	S3I(s)->tmp.next_state = SSL_ST_OK;
472	if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {	472	if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
473	s->state = SSL_ST_OK;	473	s->state = SSL_ST_OK;
474	s->s3->flags \|= SSL3_FLAGS_POP_BUFFER;	474	s->s3->flags \|= SSL3_FLAGS_POP_BUFFER;
475	s->s3->delay_buf_pop_ret = 0;	475	S3I(s)->delay_buf_pop_ret = 0;
476	}	476	}
477	} else {	477	} else {
478		478
479	/* Allow NewSessionTicket if ticket expected */	479	/* Allow NewSessionTicket if ticket expected */
480	if (s->tlsext_ticket_expected)	480	if (s->tlsext_ticket_expected)
481	s->s3->tmp.next_state =	481	S3I(s)->tmp.next_state =
482	SSL3_ST_CR_SESSION_TICKET_A;	482	SSL3_ST_CR_SESSION_TICKET_A;
483	else	483	else
484	s->s3->tmp.next_state =	484	S3I(s)->tmp.next_state =
485	SSL3_ST_CR_FINISHED_A;	485	SSL3_ST_CR_FINISHED_A;
486	}	486	}
487	s->init_num = 0;	487	s->init_num = 0;
@@ -529,14 +529,14 @@ dtls1_connect(SSL *s)
529	/* If the write error was fatal, stop trying */	529	/* If the write error was fatal, stop trying */
530	if (!BIO_should_retry(s->wbio)) {	530	if (!BIO_should_retry(s->wbio)) {
531	s->rwstate = SSL_NOTHING;	531	s->rwstate = SSL_NOTHING;
532	s->state = s->s3->tmp.next_state;	532	s->state = S3I(s)->tmp.next_state;
533	}	533	}
534		534
535	ret = -1;	535	ret = -1;
536	goto end;	536	goto end;
537	}	537	}
538	s->rwstate = SSL_NOTHING;	538	s->rwstate = SSL_NOTHING;
539	s->state = s->s3->tmp.next_state;	539	s->state = S3I(s)->tmp.next_state;
540	break;	540	break;
541		541
542	case SSL_ST_OK:	542	case SSL_ST_OK:
@@ -579,7 +579,7 @@ dtls1_connect(SSL *s)
579	}	579	}
580		580
581	/* did we do anything */	581	/* did we do anything */
582	if (!s->s3->tmp.reuse_message && !skip) {	582	if (!S3I(s)->tmp.reuse_message && !skip) {
583	if (s->debug) {	583	if (s->debug) {
584	if ((ret = BIO_flush(s->wbio)) <= 0)	584	if ((ret = BIO_flush(s->wbio)) <= 0)
585	goto end;	585	goto end;
@@ -618,9 +618,9 @@ dtls1_get_hello_verify(SSL *s)
618	if (!ok)	618	if (!ok)
619	return ((int)n);	619	return ((int)n);
620		620
621	if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {	621	if (S3I(s)->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
622	D1I(s)->send_cookie = 0;	622	D1I(s)->send_cookie = 0;
623	s->s3->tmp.reuse_message = 1;	623	S3I(s)->tmp.reuse_message = 1;
624	return (1);	624	return (1);
625	}	625	}
626		626