1 files changed, 10 insertions, 184 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index a6ed09c51d..089fa4c7f8 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -150,11 +150,7 @@ int dtls1_connect(SSL *s)
        unsigned long Time=(unsigned long)time(NULL);
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        int ret= -1;
-        int new_state,state,skip=0;
+        int new_state,state,skip=0;;
-#ifndef OPENSSL_NO_SCTP
-        unsigned char sctpauthkey[64];
-        char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
        RAND_add(&Time,sizeof(Time),0);
        ERR_clear_error();
@@ -168,27 +164,6 @@ int dtls1_connect(SSL *s)
        s->in_handshake++;
        if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
-#ifndef OPENSSL_NO_SCTP
-        /* Notify SCTP BIO socket to enter handshake
-         * mode and prevent stream identifier other
-         * than 0. Will be ignored if no SCTP is used.
-         */
-        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
-#endif
-#ifndef OPENSSL_NO_HEARTBEATS
-        /* If we're awaiting a HeartbeatResponse, pretend we
-         * already got and don't await it anymore, because
-         * Heartbeats don't make sense during handshakes anyway.
-         */
-        if (s->tlsext_hb_pending)
-                {
-                dtls1_stop_timer(s);
-                s->tlsext_hb_pending = 0;
-                s->tlsext_hb_seq++;
-                }
-#endif
        for (;;)
                {
                state=s->state;
@@ -196,7 +171,7 @@ int dtls1_connect(SSL *s)
                switch(s->state)
                        {
                case SSL_ST_RENEGOTIATE:
-                        s->renegotiate=1;
+                        s->new_session=1;
                        s->state=SSL_ST_CONNECT;
                        s->ctx->stats.sess_connect_renegotiate++;
                        /* break */
@@ -251,42 +226,6 @@ int dtls1_connect(SSL *s)
                        s->hit = 0;
                        break;
-#ifndef OPENSSL_NO_SCTP
-                case DTLS1_SCTP_ST_CR_READ_SOCK:
-                        if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
-                        {
-                                s->s3->in_read_app_data=2;
-                                s->rwstate=SSL_READING;
-                                BIO_clear_retry_flags(SSL_get_rbio(s));
-                                BIO_set_retry_read(SSL_get_rbio(s));
-                                ret = -1;
-                                goto end;
-                        }
-                        s->state=s->s3->tmp.next_state;
-                        break;
-                case DTLS1_SCTP_ST_CW_WRITE_SOCK:
-                        /* read app data until dry event */
-                        ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
-                        if (ret < 0) goto end;
-                        if (ret == 0)
-                        {
-                                s->s3->in_read_app_data=2;
-                                s->rwstate=SSL_READING;
-                                BIO_clear_retry_flags(SSL_get_rbio(s));
-                                BIO_set_retry_read(SSL_get_rbio(s));
-                                ret = -1;
-                                goto end;
-                        }
-                        s->state=s->d1->next_state;
-                        break;
-#endif
                case SSL3_ST_CW_CLNT_HELLO_A:
                case SSL3_ST_CW_CLNT_HELLO_B:
@@ -309,17 +248,9 @@ int dtls1_connect(SSL *s)
                        s->init_num=0;
-#ifndef OPENSSL_NO_SCTP
+                        /* turn on buffering for the next lot of output */
-                        /* Disable buffering for SCTP */
+                        if (s->bbio != s->wbio)
-                        if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
+                                s->wbio=BIO_push(s->bbio,s->wbio);
-                                {
-#endif
-                                /* turn on buffering for the next lot of output */
-                                if (s->bbio != s->wbio)
-                                        s->wbio=BIO_push(s->bbio,s->wbio);
-#ifndef OPENSSL_NO_SCTP
-                                }
-#endif
                        break;
@@ -329,25 +260,9 @@ int dtls1_connect(SSL *s)
                        if (ret <= 0) goto end;
                        else
                                {
+                                dtls1_stop_timer(s);
                                if (s->hit)
-                                        {
-#ifndef OPENSSL_NO_SCTP
-                                        /* Add new shared key for SCTP-Auth,
-                                         * will be ignored if no SCTP used.
-                                         */
-                                        snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                                                 DTLS1_SCTP_AUTH_LABEL);
-                                        SSL_export_keying_material(s, sctpauthkey,
-                                                                   sizeof(sctpauthkey), labelbuffer,
-                                                                   sizeof(labelbuffer), NULL, 0, 0);
-                                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                                                         sizeof(sctpauthkey), sctpauthkey);
-#endif
                                        s->state=SSL3_ST_CR_FINISHED_A;
-                                        }
                                else
                                        s->state=DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
                                }
@@ -439,20 +354,12 @@ int dtls1_connect(SSL *s)
                case SSL3_ST_CR_SRVR_DONE_B:
                        ret=ssl3_get_server_done(s);
                        if (ret <= 0) goto end;
-                        dtls1_stop_timer(s);
                        if (s->s3->tmp.cert_req)
-                                s->s3->tmp.next_state=SSL3_ST_CW_CERT_A;
+                                s->state=SSL3_ST_CW_CERT_A;
                        else
-                                s->s3->tmp.next_state=SSL3_ST_CW_KEY_EXCH_A;
+                                s->state=SSL3_ST_CW_KEY_EXCH_A;
                        s->init_num=0;
-#ifndef OPENSSL_NO_SCTP                 
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                            state == SSL_ST_RENEGOTIATE)
-                                s->state=DTLS1_SCTP_ST_CR_READ_SOCK;
-                        else
-#endif                  
-                        s->state=s->s3->tmp.next_state;
                        break;
                case SSL3_ST_CW_CERT_A:
@@ -471,22 +378,6 @@ int dtls1_connect(SSL *s)
                        dtls1_start_timer(s);
                        ret=dtls1_send_client_key_exchange(s);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
-                        /* Add new shared key for SCTP-Auth,
-                         * will be ignored if no SCTP used.
-                         */
-                        snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                                 DTLS1_SCTP_AUTH_LABEL);
-                        SSL_export_keying_material(s, sctpauthkey,
-                                                   sizeof(sctpauthkey), labelbuffer,
-                                                   sizeof(labelbuffer), NULL, 0, 0);
-                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                                         sizeof(sctpauthkey), sctpauthkey);
-#endif
                        /* EAY EAY EAY need to check for DH fix cert
                         * sent back */
                        /* For TLS, cert_req is set to 2, so a cert chain
@@ -497,15 +388,7 @@ int dtls1_connect(SSL *s)
                                }
                        else
                                {
-#ifndef OPENSSL_NO_SCTP
+                                s->state=SSL3_ST_CW_CHANGE_A;
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                        {
-                                        s->d1->next_state=SSL3_ST_CW_CHANGE_A;
-                                        s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                        }
-                                else
-#endif
-                                        s->state=SSL3_ST_CW_CHANGE_A;
                                s->s3->change_cipher_spec=0;
                                }
@@ -517,15 +400,7 @@ int dtls1_connect(SSL *s)
                        dtls1_start_timer(s);
                        ret=dtls1_send_client_verify(s);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
+                        s->state=SSL3_ST_CW_CHANGE_A;
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                        {
-                                s->d1->next_state=SSL3_ST_CW_CHANGE_A;
-                                s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                        }
-                        else
-#endif
-                                s->state=SSL3_ST_CW_CHANGE_A;
                        s->init_num=0;
                        s->s3->change_cipher_spec=0;
                        break;
@@ -537,14 +412,6 @@ int dtls1_connect(SSL *s)
                        ret=dtls1_send_change_cipher_spec(s,
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
-                        /* Change to new shared key of SCTP-Auth,
-                         * will be ignored if no SCTP used.
-                         */
-                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
                        s->state=SSL3_ST_CW_FINISHED_A;
                        s->init_num=0;
@@ -590,23 +457,9 @@ int dtls1_connect(SSL *s)
                        if (s->hit)
                                {
                                s->s3->tmp.next_state=SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                        {
-                                                s->d1->next_state = s->s3->tmp.next_state;
-                                                s->s3->tmp.next_state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                        }
-#endif
                                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
                                        {
                                        s->state=SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                                {
-                                                        s->d1->next_state = SSL_ST_OK;
-                                                        s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                                }
-#endif
                                        s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
                                        s->s3->delay_buf_pop_ret=0;
                                        }
@@ -655,16 +508,6 @@ int dtls1_connect(SSL *s)
                                s->state=SSL3_ST_CW_CHANGE_A;
                        else
                                s->state=SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                                state == SSL_ST_RENEGOTIATE)
-                                {
-                                s->d1->next_state=s->state;
-                                s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                                }
-#endif
                        s->init_num=0;
                        break;
@@ -672,13 +515,6 @@ int dtls1_connect(SSL *s)
                        s->rwstate=SSL_WRITING;
                        if (BIO_flush(s->wbio) <= 0)
                                {
-                                /* If the write error was fatal, stop trying */
-                                if (!BIO_should_retry(s->wbio))
-                                        {
-                                        s->rwstate=SSL_NOTHING;
-                                        s->state=s->s3->tmp.next_state;
-                                        }
-                                
                                ret= -1;
                                goto end;
                                }
@@ -705,7 +541,6 @@ int dtls1_connect(SSL *s)
                        /* else do it later in ssl3_write */
                        s->init_num=0;
-                        s->renegotiate=0;
                        s->new_session=0;
                        ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
@@ -752,15 +587,6 @@ int dtls1_connect(SSL *s)
                }
 end:
        s->in_handshake--;
-        
-#ifndef OPENSSL_NO_SCTP
-        /* Notify SCTP BIO socket to leave handshake
-         * mode and allow stream identifier other
-         * than 0. Will be ignored if no SCTP is used.
-         */
-        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
-#endif
        if (buf != NULL)
                BUF_MEM_free(buf);
        if (cb != NULL)

diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index a6ed09c51d..089fa4c7f8 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c
@@ -150,11 +150,7 @@ int dtls1_connect(SSL *s)
150	unsigned long Time=(unsigned long)time(NULL);	150	unsigned long Time=(unsigned long)time(NULL);
151	void (cb)(const SSL ssl,int type,int val)=NULL;	151	void (cb)(const SSL ssl,int type,int val)=NULL;
152	int ret= -1;	152	int ret= -1;
153	int new_state,state,skip=0;	153	int new_state,state,skip=0;;
154	#ifndef OPENSSL_NO_SCTP
155	unsigned char sctpauthkey[64];
156	char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
157	#endif
158		154
159	RAND_add(&Time,sizeof(Time),0);	155	RAND_add(&Time,sizeof(Time),0);
160	ERR_clear_error();	156	ERR_clear_error();
@@ -168,27 +164,6 @@ int dtls1_connect(SSL *s)
168	s->in_handshake++;	164	s->in_handshake++;
169	if (!SSL_in_init(s) \|\| SSL_in_before(s)) SSL_clear(s);	165	if (!SSL_in_init(s) \|\| SSL_in_before(s)) SSL_clear(s);
170		166
171	#ifndef OPENSSL_NO_SCTP
172	/* Notify SCTP BIO socket to enter handshake
173	* mode and prevent stream identifier other
174	* than 0. Will be ignored if no SCTP is used.
175	*/
176	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
177	#endif
178
179	#ifndef OPENSSL_NO_HEARTBEATS
180	/* If we're awaiting a HeartbeatResponse, pretend we
181	* already got and don't await it anymore, because
182	* Heartbeats don't make sense during handshakes anyway.
183	*/
184	if (s->tlsext_hb_pending)
185	{
186	dtls1_stop_timer(s);
187	s->tlsext_hb_pending = 0;
188	s->tlsext_hb_seq++;
189	}
190	#endif
191
192	for (;;)	167	for (;;)
193	{	168	{
194	state=s->state;	169	state=s->state;
@@ -196,7 +171,7 @@ int dtls1_connect(SSL *s)
196	switch(s->state)	171	switch(s->state)
197	{	172	{
198	case SSL_ST_RENEGOTIATE:	173	case SSL_ST_RENEGOTIATE:
199	s->renegotiate=1;	174	s->new_session=1;
200	s->state=SSL_ST_CONNECT;	175	s->state=SSL_ST_CONNECT;
201	s->ctx->stats.sess_connect_renegotiate++;	176	s->ctx->stats.sess_connect_renegotiate++;
202	/* break */	177	/* break */
@@ -251,42 +226,6 @@ int dtls1_connect(SSL *s)
251	s->hit = 0;	226	s->hit = 0;
252	break;	227	break;
253		228
254	#ifndef OPENSSL_NO_SCTP
255	case DTLS1_SCTP_ST_CR_READ_SOCK:
256
257	if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
258	{
259	s->s3->in_read_app_data=2;
260	s->rwstate=SSL_READING;
261	BIO_clear_retry_flags(SSL_get_rbio(s));
262	BIO_set_retry_read(SSL_get_rbio(s));
263	ret = -1;
264	goto end;
265	}
266
267	s->state=s->s3->tmp.next_state;
268	break;
269
270	case DTLS1_SCTP_ST_CW_WRITE_SOCK:
271	/* read app data until dry event */
272
273	ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
274	if (ret < 0) goto end;
275
276	if (ret == 0)
277	{
278	s->s3->in_read_app_data=2;
279	s->rwstate=SSL_READING;
280	BIO_clear_retry_flags(SSL_get_rbio(s));
281	BIO_set_retry_read(SSL_get_rbio(s));
282	ret = -1;
283	goto end;
284	}
285
286	s->state=s->d1->next_state;
287	break;
288	#endif
289
290	case SSL3_ST_CW_CLNT_HELLO_A:	229	case SSL3_ST_CW_CLNT_HELLO_A:
291	case SSL3_ST_CW_CLNT_HELLO_B:	230	case SSL3_ST_CW_CLNT_HELLO_B:
292		231
@@ -309,17 +248,9 @@ int dtls1_connect(SSL *s)
309		248
310	s->init_num=0;	249	s->init_num=0;
311		250
312	#ifndef OPENSSL_NO_SCTP	251	/* turn on buffering for the next lot of output */
313	/* Disable buffering for SCTP */	252	if (s->bbio != s->wbio)
314	if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))	253	s->wbio=BIO_push(s->bbio,s->wbio);
315	{
316	#endif
317	/* turn on buffering for the next lot of output */
318	if (s->bbio != s->wbio)
319	s->wbio=BIO_push(s->bbio,s->wbio);
320	#ifndef OPENSSL_NO_SCTP
321	}
322	#endif
323		254
324	break;	255	break;
325		256
@@ -329,25 +260,9 @@ int dtls1_connect(SSL *s)
329	if (ret <= 0) goto end;	260	if (ret <= 0) goto end;
330	else	261	else
331	{	262	{
		263	dtls1_stop_timer(s);
332	if (s->hit)	264	if (s->hit)
333	{
334	#ifndef OPENSSL_NO_SCTP
335	/* Add new shared key for SCTP-Auth,
336	* will be ignored if no SCTP used.
337	*/
338	snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
339	DTLS1_SCTP_AUTH_LABEL);
340
341	SSL_export_keying_material(s, sctpauthkey,
342	sizeof(sctpauthkey), labelbuffer,
343	sizeof(labelbuffer), NULL, 0, 0);
344
345	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
346	sizeof(sctpauthkey), sctpauthkey);
347	#endif
348
349	s->state=SSL3_ST_CR_FINISHED_A;	265	s->state=SSL3_ST_CR_FINISHED_A;
350	}
351	else	266	else
352	s->state=DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;	267	s->state=DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
353	}	268	}
@@ -439,20 +354,12 @@ int dtls1_connect(SSL *s)
439	case SSL3_ST_CR_SRVR_DONE_B:	354	case SSL3_ST_CR_SRVR_DONE_B:
440	ret=ssl3_get_server_done(s);	355	ret=ssl3_get_server_done(s);
441	if (ret <= 0) goto end;	356	if (ret <= 0) goto end;
442	dtls1_stop_timer(s);
443	if (s->s3->tmp.cert_req)	357	if (s->s3->tmp.cert_req)
444	s->s3->tmp.next_state=SSL3_ST_CW_CERT_A;	358	s->state=SSL3_ST_CW_CERT_A;
445	else	359	else
446	s->s3->tmp.next_state=SSL3_ST_CW_KEY_EXCH_A;	360	s->state=SSL3_ST_CW_KEY_EXCH_A;
447	s->init_num=0;	361	s->init_num=0;
448		362
449	#ifndef OPENSSL_NO_SCTP
450	if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
451	state == SSL_ST_RENEGOTIATE)
452	s->state=DTLS1_SCTP_ST_CR_READ_SOCK;
453	else
454	#endif
455	s->state=s->s3->tmp.next_state;
456	break;	363	break;
457		364
458	case SSL3_ST_CW_CERT_A:	365	case SSL3_ST_CW_CERT_A:
@@ -471,22 +378,6 @@ int dtls1_connect(SSL *s)
471	dtls1_start_timer(s);	378	dtls1_start_timer(s);
472	ret=dtls1_send_client_key_exchange(s);	379	ret=dtls1_send_client_key_exchange(s);
473	if (ret <= 0) goto end;	380	if (ret <= 0) goto end;
474
475	#ifndef OPENSSL_NO_SCTP
476	/* Add new shared key for SCTP-Auth,
477	* will be ignored if no SCTP used.
478	*/
479	snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
480	DTLS1_SCTP_AUTH_LABEL);
481
482	SSL_export_keying_material(s, sctpauthkey,
483	sizeof(sctpauthkey), labelbuffer,
484	sizeof(labelbuffer), NULL, 0, 0);
485
486	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
487	sizeof(sctpauthkey), sctpauthkey);
488	#endif
489
490	/* EAY EAY EAY need to check for DH fix cert	381	/* EAY EAY EAY need to check for DH fix cert
491	* sent back */	382	* sent back */
492	/* For TLS, cert_req is set to 2, so a cert chain	383	/* For TLS, cert_req is set to 2, so a cert chain
@@ -497,15 +388,7 @@ int dtls1_connect(SSL *s)
497	}	388	}
498	else	389	else
499	{	390	{
500	#ifndef OPENSSL_NO_SCTP	391	s->state=SSL3_ST_CW_CHANGE_A;
501	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
502	{
503	s->d1->next_state=SSL3_ST_CW_CHANGE_A;
504	s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
505	}
506	else
507	#endif
508	s->state=SSL3_ST_CW_CHANGE_A;
509	s->s3->change_cipher_spec=0;	392	s->s3->change_cipher_spec=0;
510	}	393	}
511		394
@@ -517,15 +400,7 @@ int dtls1_connect(SSL *s)
517	dtls1_start_timer(s);	400	dtls1_start_timer(s);
518	ret=dtls1_send_client_verify(s);	401	ret=dtls1_send_client_verify(s);
519	if (ret <= 0) goto end;	402	if (ret <= 0) goto end;
520	#ifndef OPENSSL_NO_SCTP	403	s->state=SSL3_ST_CW_CHANGE_A;
521	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
522	{
523	s->d1->next_state=SSL3_ST_CW_CHANGE_A;
524	s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
525	}
526	else
527	#endif
528	s->state=SSL3_ST_CW_CHANGE_A;
529	s->init_num=0;	404	s->init_num=0;
530	s->s3->change_cipher_spec=0;	405	s->s3->change_cipher_spec=0;
531	break;	406	break;
@@ -537,14 +412,6 @@ int dtls1_connect(SSL *s)
537	ret=dtls1_send_change_cipher_spec(s,	412	ret=dtls1_send_change_cipher_spec(s,
538	SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);	413	SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
539	if (ret <= 0) goto end;	414	if (ret <= 0) goto end;
540
541	#ifndef OPENSSL_NO_SCTP
542	/* Change to new shared key of SCTP-Auth,
543	* will be ignored if no SCTP used.
544	*/
545	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
546	#endif
547
548	s->state=SSL3_ST_CW_FINISHED_A;	415	s->state=SSL3_ST_CW_FINISHED_A;
549	s->init_num=0;	416	s->init_num=0;
550		417
@@ -590,23 +457,9 @@ int dtls1_connect(SSL *s)
590	if (s->hit)	457	if (s->hit)
591	{	458	{
592	s->s3->tmp.next_state=SSL_ST_OK;	459	s->s3->tmp.next_state=SSL_ST_OK;
593	#ifndef OPENSSL_NO_SCTP
594	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
595	{
596	s->d1->next_state = s->s3->tmp.next_state;
597	s->s3->tmp.next_state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
598	}
599	#endif
600	if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)	460	if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
601	{	461	{
602	s->state=SSL_ST_OK;	462	s->state=SSL_ST_OK;
603	#ifndef OPENSSL_NO_SCTP
604	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
605	{
606	s->d1->next_state = SSL_ST_OK;
607	s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
608	}
609	#endif
610	s->s3->flags\|=SSL3_FLAGS_POP_BUFFER;	463	s->s3->flags\|=SSL3_FLAGS_POP_BUFFER;
611	s->s3->delay_buf_pop_ret=0;	464	s->s3->delay_buf_pop_ret=0;
612	}	465	}
@@ -655,16 +508,6 @@ int dtls1_connect(SSL *s)
655	s->state=SSL3_ST_CW_CHANGE_A;	508	s->state=SSL3_ST_CW_CHANGE_A;
656	else	509	else
657	s->state=SSL_ST_OK;	510	s->state=SSL_ST_OK;
658
659	#ifndef OPENSSL_NO_SCTP
660	if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
661	state == SSL_ST_RENEGOTIATE)
662	{
663	s->d1->next_state=s->state;
664	s->state=DTLS1_SCTP_ST_CW_WRITE_SOCK;
665	}
666	#endif
667
668	s->init_num=0;	511	s->init_num=0;
669	break;	512	break;
670		513
@@ -672,13 +515,6 @@ int dtls1_connect(SSL *s)
672	s->rwstate=SSL_WRITING;	515	s->rwstate=SSL_WRITING;
673	if (BIO_flush(s->wbio) <= 0)	516	if (BIO_flush(s->wbio) <= 0)
674	{	517	{
675	/* If the write error was fatal, stop trying */
676	if (!BIO_should_retry(s->wbio))
677	{
678	s->rwstate=SSL_NOTHING;
679	s->state=s->s3->tmp.next_state;
680	}
681
682	ret= -1;	518	ret= -1;
683	goto end;	519	goto end;
684	}	520	}
@@ -705,7 +541,6 @@ int dtls1_connect(SSL *s)
705	/* else do it later in ssl3_write */	541	/* else do it later in ssl3_write */
706		542
707	s->init_num=0;	543	s->init_num=0;
708	s->renegotiate=0;
709	s->new_session=0;	544	s->new_session=0;
710		545
711	ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);	546	ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
@@ -752,15 +587,6 @@ int dtls1_connect(SSL *s)
752	}	587	}
753	end:	588	end:
754	s->in_handshake--;	589	s->in_handshake--;
755
756	#ifndef OPENSSL_NO_SCTP
757	/* Notify SCTP BIO socket to leave handshake
758	* mode and allow stream identifier other
759	* than 0. Will be ignored if no SCTP is used.
760	*/
761	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
762	#endif
763
764	if (buf != NULL)	590	if (buf != NULL)
765	BUF_MEM_free(buf);	591	BUF_MEM_free(buf);
766	if (cb != NULL)	592	if (cb != NULL)