diff options
Diffstat (limited to 'src/lib/libssl/d1_clnt.c')
| -rw-r--r-- | src/lib/libssl/d1_clnt.c | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index a6ed09c51d..48e5e06bde 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -538,13 +538,6 @@ int dtls1_connect(SSL *s) | |||
| 538 | SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); | 538 | SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); |
| 539 | if (ret <= 0) goto end; | 539 | if (ret <= 0) goto end; |
| 540 | 540 | ||
| 541 | #ifndef OPENSSL_NO_SCTP | ||
| 542 | /* Change to new shared key of SCTP-Auth, | ||
| 543 | * will be ignored if no SCTP used. | ||
| 544 | */ | ||
| 545 | BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL); | ||
| 546 | #endif | ||
| 547 | |||
| 548 | s->state=SSL3_ST_CW_FINISHED_A; | 541 | s->state=SSL3_ST_CW_FINISHED_A; |
| 549 | s->init_num=0; | 542 | s->init_num=0; |
| 550 | 543 | ||
| @@ -571,6 +564,16 @@ int dtls1_connect(SSL *s) | |||
| 571 | goto end; | 564 | goto end; |
| 572 | } | 565 | } |
| 573 | 566 | ||
| 567 | #ifndef OPENSSL_NO_SCTP | ||
| 568 | if (s->hit) | ||
| 569 | { | ||
| 570 | /* Change to new shared key of SCTP-Auth, | ||
| 571 | * will be ignored if no SCTP used. | ||
| 572 | */ | ||
| 573 | BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL); | ||
| 574 | } | ||
| 575 | #endif | ||
| 576 | |||
| 574 | dtls1_reset_seq_numbers(s, SSL3_CC_WRITE); | 577 | dtls1_reset_seq_numbers(s, SSL3_CC_WRITE); |
| 575 | break; | 578 | break; |
| 576 | 579 | ||
| @@ -613,6 +616,13 @@ int dtls1_connect(SSL *s) | |||
| 613 | } | 616 | } |
| 614 | else | 617 | else |
| 615 | { | 618 | { |
| 619 | #ifndef OPENSSL_NO_SCTP | ||
| 620 | /* Change to new shared key of SCTP-Auth, | ||
| 621 | * will be ignored if no SCTP used. | ||
| 622 | */ | ||
| 623 | BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL); | ||
| 624 | #endif | ||
| 625 | |||
| 616 | #ifndef OPENSSL_NO_TLSEXT | 626 | #ifndef OPENSSL_NO_TLSEXT |
| 617 | /* Allow NewSessionTicket if ticket expected */ | 627 | /* Allow NewSessionTicket if ticket expected */ |
| 618 | if (s->tlsext_ticket_expected) | 628 | if (s->tlsext_ticket_expected) |
| @@ -773,7 +783,7 @@ int dtls1_client_hello(SSL *s) | |||
| 773 | unsigned char *buf; | 783 | unsigned char *buf; |
| 774 | unsigned char *p,*d; | 784 | unsigned char *p,*d; |
| 775 | unsigned int i,j; | 785 | unsigned int i,j; |
| 776 | unsigned long Time,l; | 786 | unsigned long l; |
| 777 | SSL_COMP *comp; | 787 | SSL_COMP *comp; |
| 778 | 788 | ||
| 779 | buf=(unsigned char *)s->init_buf->data; | 789 | buf=(unsigned char *)s->init_buf->data; |
| @@ -798,13 +808,11 @@ int dtls1_client_hello(SSL *s) | |||
| 798 | 808 | ||
| 799 | /* if client_random is initialized, reuse it, we are | 809 | /* if client_random is initialized, reuse it, we are |
| 800 | * required to use same upon reply to HelloVerify */ | 810 | * required to use same upon reply to HelloVerify */ |
| 801 | for (i=0;p[i]=='\0' && i<sizeof(s->s3->client_random);i++) ; | 811 | for (i=0;p[i]=='\0' && i<sizeof(s->s3->client_random);i++) |
| 812 | ; | ||
| 802 | if (i==sizeof(s->s3->client_random)) | 813 | if (i==sizeof(s->s3->client_random)) |
| 803 | { | 814 | ssl_fill_hello_random(s, 0, p, |
| 804 | Time=(unsigned long)time(NULL); /* Time */ | 815 | sizeof(s->s3->client_random)); |
| 805 | l2n(Time,p); | ||
| 806 | RAND_pseudo_bytes(p,sizeof(s->s3->client_random)-4); | ||
| 807 | } | ||
| 808 | 816 | ||
| 809 | /* Do the message type and length last */ | 817 | /* Do the message type and length last */ |
| 810 | d=p= &(buf[DTLS1_HM_HEADER_LENGTH]); | 818 | d=p= &(buf[DTLS1_HM_HEADER_LENGTH]); |