1 files changed, 19 insertions, 167 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 29421da9aa..149983be30 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -151,10 +151,6 @@ int dtls1_accept(SSL *s)
        int ret= -1;
        int new_state,state,skip=0;
        int listen;
-#ifndef OPENSSL_NO_SCTP
-        unsigned char sctpauthkey[64];
-        char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
        RAND_add(&Time,sizeof(Time),0);
        ERR_clear_error();
@@ -172,13 +168,6 @@ int dtls1_accept(SSL *s)
        if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
        s->d1->listen = listen;
-#ifndef OPENSSL_NO_SCTP
-        /* Notify SCTP BIO socket to enter handshake
-         * mode and prevent stream identifier other
-         * than 0. Will be ignored if no SCTP is used.
-         */
-        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
-#endif
        if (s->cert == NULL)
                {
@@ -186,19 +175,6 @@ int dtls1_accept(SSL *s)
                return(-1);
                }
-#ifndef OPENSSL_NO_HEARTBEATS
-        /* If we're awaiting a HeartbeatResponse, pretend we
-         * already got and don't await it anymore, because
-         * Heartbeats don't make sense during handshakes anyway.
-         */
-        if (s->tlsext_hb_pending)
-                {
-                dtls1_stop_timer(s);
-                s->tlsext_hb_pending = 0;
-                s->tlsext_hb_seq++;
-                }
-#endif
        for (;;)
                {
                state=s->state;
@@ -206,7 +182,7 @@ int dtls1_accept(SSL *s)
                switch (s->state)
                        {
                case SSL_ST_RENEGOTIATE:
-                        s->renegotiate=1;
+                        s->new_session=1;
                        /* s->state=SSL_ST_ACCEPT; */
                case SSL_ST_BEFORE:
@@ -251,12 +227,8 @@ int dtls1_accept(SSL *s)
                                {
                                /* Ok, we now need to push on a buffering BIO so that
                                 * the output is sent in a way that TCP likes :-)
-                                 * ...but not with SCTP :-)
                                 */
-#ifndef OPENSSL_NO_SCTP
+                                if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
-                                if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
-#endif
-                                        if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
                                ssl3_init_finished_mac(s);
                                s->state=SSL3_ST_SR_CLNT_HELLO_A;
@@ -341,75 +313,25 @@ int dtls1_accept(SSL *s)
                                ssl3_init_finished_mac(s);
                        break;
                        
-#ifndef OPENSSL_NO_SCTP
-                case DTLS1_SCTP_ST_SR_READ_SOCK:
-                        
-                        if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))                
-                                {
-                                s->s3->in_read_app_data=2;
-                                s->rwstate=SSL_READING;
-                                BIO_clear_retry_flags(SSL_get_rbio(s));
-                                BIO_set_retry_read(SSL_get_rbio(s));
-                                ret = -1;
-                                goto end;
-                                }
-                        
-                        s->state=SSL3_ST_SR_FINISHED_A;
-                        break;
-                        
-                case DTLS1_SCTP_ST_SW_WRITE_SOCK:
-                        ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
-                        if (ret < 0) goto end;
-                        
-                        if (ret == 0)
-                                {
-                                if (s->d1->next_state != SSL_ST_OK)
-                                        {
-                                        s->s3->in_read_app_data=2;
-                                        s->rwstate=SSL_READING;
-                                        BIO_clear_retry_flags(SSL_get_rbio(s));
-                                        BIO_set_retry_read(SSL_get_rbio(s));
-                                        ret = -1;
-                                        goto end;
-                                        }
-                                }
-                        s->state=s->d1->next_state;
-                        break;
-#endif
                case SSL3_ST_SW_SRVR_HELLO_A:
                case SSL3_ST_SW_SRVR_HELLO_B:
-                        s->renegotiate = 2;
+                        s->new_session = 2;
                        dtls1_start_timer(s);
                        ret=dtls1_send_server_hello(s);
                        if (ret <= 0) goto end;
+#ifndef OPENSSL_NO_TLSEXT
                        if (s->hit)
                                {
-#ifndef OPENSSL_NO_SCTP
-                                /* Add new shared key for SCTP-Auth,
-                                 * will be ignored if no SCTP used.
-                                 */
-                                snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                                         DTLS1_SCTP_AUTH_LABEL);
-                                SSL_export_keying_material(s, sctpauthkey,
-                                                           sizeof(sctpauthkey), labelbuffer,
-                                                           sizeof(labelbuffer), NULL, 0, 0);
-                                
-                                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                         sizeof(sctpauthkey), sctpauthkey);
-#endif
-#ifndef OPENSSL_NO_TLSEXT
                                if (s->tlsext_ticket_expected)
                                        s->state=SSL3_ST_SW_SESSION_TICKET_A;
                                else
                                        s->state=SSL3_ST_SW_CHANGE_A;
+                                }
 #else
-                                s->state=SSL3_ST_SW_CHANGE_A;
+                        if (s->hit)
+                                        s->state=SSL3_ST_SW_CHANGE_A;
 #endif
-                                }
                        else
                                s->state=SSL3_ST_SW_CERT_A;
                        s->init_num=0;
@@ -519,13 +441,6 @@ int dtls1_accept(SSL *s)
                                skip=1;
                                s->s3->tmp.cert_request=0;
                                s->state=SSL3_ST_SW_SRVR_DONE_A;
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                        {
-                                        s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
-                                        s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                                        }
-#endif
                                }
                        else
                                {
@@ -535,23 +450,9 @@ int dtls1_accept(SSL *s)
                                if (ret <= 0) goto end;
 #ifndef NETSCAPE_HANG_BUG
                                s->state=SSL3_ST_SW_SRVR_DONE_A;
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                        {
-                                        s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
-                                        s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                                        }
-#endif
 #else
                                s->state=SSL3_ST_SW_FLUSH;
                                s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                        {
-                                        s->d1->next_state = s->s3->tmp.next_state;
-                                        s->s3->tmp.next_state=DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                                        }
-#endif
 #endif
                                s->init_num=0;
                                }
@@ -571,13 +472,6 @@ int dtls1_accept(SSL *s)
                        s->rwstate=SSL_WRITING;
                        if (BIO_flush(s->wbio) <= 0)
                                {
-                                /* If the write error was fatal, stop trying */
-                                if (!BIO_should_retry(s->wbio))
-                                        {
-                                        s->rwstate=SSL_NOTHING;
-                                        s->state=s->s3->tmp.next_state;
-                                        }
-                                
                                ret= -1;
                                goto end;
                                }
@@ -591,16 +485,15 @@ int dtls1_accept(SSL *s)
                        ret = ssl3_check_client_hello(s);
                        if (ret <= 0)
                                goto end;
+                        dtls1_stop_timer(s);
                        if (ret == 2)
-                                {
-                                dtls1_stop_timer(s);
                                s->state = SSL3_ST_SR_CLNT_HELLO_C;
-                                }
                        else {
                                /* could be sent for a DH cert, even if we
                                 * have not asked for it :-) */
                                ret=ssl3_get_client_certificate(s);
                                if (ret <= 0) goto end;
+                                dtls1_stop_timer(s);
                                s->init_num=0;
                                s->state=SSL3_ST_SR_KEY_EXCH_A;
                        }
@@ -610,21 +503,7 @@ int dtls1_accept(SSL *s)
                case SSL3_ST_SR_KEY_EXCH_B:
                        ret=ssl3_get_client_key_exchange(s);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
+                        dtls1_stop_timer(s);
-                        /* Add new shared key for SCTP-Auth,
-                         * will be ignored if no SCTP used.
-                         */
-                        snprintf((char *) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                                 DTLS1_SCTP_AUTH_LABEL);
-                        SSL_export_keying_material(s, sctpauthkey,
-                                                   sizeof(sctpauthkey), labelbuffer,
-                                                   sizeof(labelbuffer), NULL, 0, 0);
-                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                                 sizeof(sctpauthkey), sctpauthkey);
-#endif
                        s->state=SSL3_ST_SR_CERT_VRFY_A;
                        s->init_num=0;
@@ -661,13 +540,9 @@ int dtls1_accept(SSL *s)
                        /* we should decide if we expected this one */
                        ret=ssl3_get_cert_verify(s);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
+                        dtls1_stop_timer(s);
-                        if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                            state == SSL_ST_RENEGOTIATE)
+                        s->state=SSL3_ST_SR_FINISHED_A;
-                                s->state=DTLS1_SCTP_ST_SR_READ_SOCK;
-                        else
-#endif                  
-                                s->state=SSL3_ST_SR_FINISHED_A;
                        s->init_num=0;
                        break;
@@ -719,14 +594,6 @@ int dtls1_accept(SSL *s)
                                SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_SCTP
-                        /* Change to new shared key of SCTP-Auth,
-                         * will be ignored if no SCTP used.
-                         */
-                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
-#endif
                        s->state=SSL3_ST_SW_FINISHED_A;
                        s->init_num=0;
@@ -751,16 +618,7 @@ int dtls1_accept(SSL *s)
                        if (s->hit)
                                s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
                        else
-                                {
                                s->s3->tmp.next_state=SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                                if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
-                                        {
-                                        s->d1->next_state = s->s3->tmp.next_state;
-                                        s->s3->tmp.next_state=DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                                        }
-#endif
-                                }
                        s->init_num=0;
                        break;
@@ -778,9 +636,11 @@ int dtls1_accept(SSL *s)
                        s->init_num=0;
-                        if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */
+                        if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
                                {
-                                s->renegotiate=0;
+                                /* actually not necessarily a 'new' session unless
+                                 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
+                                
                                s->new_session=0;
                                
                                ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
@@ -832,14 +692,6 @@ end:
        /* BIO_flush(s->wbio); */
        s->in_handshake--;
-#ifndef OPENSSL_NO_SCTP
-                /* Notify SCTP BIO socket to leave handshake
-                 * mode and prevent stream identifier other
-                 * than 0. Will be ignored if no SCTP is used.
-                 */
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
-#endif
        if (cb != NULL)
                cb(s,SSL_CB_ACCEPT_EXIT,ret);
        return(ret);
@@ -920,7 +772,7 @@ int dtls1_send_server_hello(SSL *s)
                p=s->s3->server_random;
                Time=(unsigned long)time(NULL);                 /* Time */
                l2n(Time,p);
-                RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
+                RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
                /* Do the message type and length last */
                d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
@@ -1295,7 +1147,7 @@ int dtls1_send_server_key_exchange(SSL *s)
                if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
                        && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
                        {
-                        if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher, NULL))
+                        if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
                                == NULL)
                                {
                                al=SSL_AD_DECODE_ERROR;

diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 29421da9aa..149983be30 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c
@@ -151,10 +151,6 @@ int dtls1_accept(SSL *s)
151	int ret= -1;	151	int ret= -1;
152	int new_state,state,skip=0;	152	int new_state,state,skip=0;
153	int listen;	153	int listen;
154	#ifndef OPENSSL_NO_SCTP
155	unsigned char sctpauthkey[64];
156	char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
157	#endif
158		154
159	RAND_add(&Time,sizeof(Time),0);	155	RAND_add(&Time,sizeof(Time),0);
160	ERR_clear_error();	156	ERR_clear_error();
@@ -172,13 +168,6 @@ int dtls1_accept(SSL *s)
172	if (!SSL_in_init(s) \|\| SSL_in_before(s)) SSL_clear(s);	168	if (!SSL_in_init(s) \|\| SSL_in_before(s)) SSL_clear(s);
173		169
174	s->d1->listen = listen;	170	s->d1->listen = listen;
175	#ifndef OPENSSL_NO_SCTP
176	/* Notify SCTP BIO socket to enter handshake
177	* mode and prevent stream identifier other
178	* than 0. Will be ignored if no SCTP is used.
179	*/
180	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
181	#endif
182		171
183	if (s->cert == NULL)	172	if (s->cert == NULL)
184	{	173	{
@@ -186,19 +175,6 @@ int dtls1_accept(SSL *s)
186	return(-1);	175	return(-1);
187	}	176	}
188		177
189	#ifndef OPENSSL_NO_HEARTBEATS
190	/* If we're awaiting a HeartbeatResponse, pretend we
191	* already got and don't await it anymore, because
192	* Heartbeats don't make sense during handshakes anyway.
193	*/
194	if (s->tlsext_hb_pending)
195	{
196	dtls1_stop_timer(s);
197	s->tlsext_hb_pending = 0;
198	s->tlsext_hb_seq++;
199	}
200	#endif
201
202	for (;;)	178	for (;;)
203	{	179	{
204	state=s->state;	180	state=s->state;
@@ -206,7 +182,7 @@ int dtls1_accept(SSL *s)
206	switch (s->state)	182	switch (s->state)
207	{	183	{
208	case SSL_ST_RENEGOTIATE:	184	case SSL_ST_RENEGOTIATE:
209	s->renegotiate=1;	185	s->new_session=1;
210	/* s->state=SSL_ST_ACCEPT; */	186	/* s->state=SSL_ST_ACCEPT; */
211		187
212	case SSL_ST_BEFORE:	188	case SSL_ST_BEFORE:
@@ -251,12 +227,8 @@ int dtls1_accept(SSL *s)
251	{	227	{
252	/* Ok, we now need to push on a buffering BIO so that	228	/* Ok, we now need to push on a buffering BIO so that
253	* the output is sent in a way that TCP likes :-)	229	* the output is sent in a way that TCP likes :-)
254	* ...but not with SCTP :-)
255	*/	230	*/
256	#ifndef OPENSSL_NO_SCTP	231	if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
257	if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
258	#endif
259	if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
260		232
261	ssl3_init_finished_mac(s);	233	ssl3_init_finished_mac(s);
262	s->state=SSL3_ST_SR_CLNT_HELLO_A;	234	s->state=SSL3_ST_SR_CLNT_HELLO_A;
@@ -341,75 +313,25 @@ int dtls1_accept(SSL *s)
341	ssl3_init_finished_mac(s);	313	ssl3_init_finished_mac(s);
342	break;	314	break;
343		315
344	#ifndef OPENSSL_NO_SCTP
345	case DTLS1_SCTP_ST_SR_READ_SOCK:
346
347	if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s)))
348	{
349	s->s3->in_read_app_data=2;
350	s->rwstate=SSL_READING;
351	BIO_clear_retry_flags(SSL_get_rbio(s));
352	BIO_set_retry_read(SSL_get_rbio(s));
353	ret = -1;
354	goto end;
355	}
356
357	s->state=SSL3_ST_SR_FINISHED_A;
358	break;
359
360	case DTLS1_SCTP_ST_SW_WRITE_SOCK:
361	ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
362	if (ret < 0) goto end;
363
364	if (ret == 0)
365	{
366	if (s->d1->next_state != SSL_ST_OK)
367	{
368	s->s3->in_read_app_data=2;
369	s->rwstate=SSL_READING;
370	BIO_clear_retry_flags(SSL_get_rbio(s));
371	BIO_set_retry_read(SSL_get_rbio(s));
372	ret = -1;
373	goto end;
374	}
375	}
376
377	s->state=s->d1->next_state;
378	break;
379	#endif
380
381	case SSL3_ST_SW_SRVR_HELLO_A:	316	case SSL3_ST_SW_SRVR_HELLO_A:
382	case SSL3_ST_SW_SRVR_HELLO_B:	317	case SSL3_ST_SW_SRVR_HELLO_B:
383	s->renegotiate = 2;	318	s->new_session = 2;
384	dtls1_start_timer(s);	319	dtls1_start_timer(s);
385	ret=dtls1_send_server_hello(s);	320	ret=dtls1_send_server_hello(s);
386	if (ret <= 0) goto end;	321	if (ret <= 0) goto end;
387		322
		323	#ifndef OPENSSL_NO_TLSEXT
388	if (s->hit)	324	if (s->hit)
389	{	325	{
390	#ifndef OPENSSL_NO_SCTP
391	/* Add new shared key for SCTP-Auth,
392	* will be ignored if no SCTP used.
393	*/
394	snprintf((char*) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
395	DTLS1_SCTP_AUTH_LABEL);
396
397	SSL_export_keying_material(s, sctpauthkey,
398	sizeof(sctpauthkey), labelbuffer,
399	sizeof(labelbuffer), NULL, 0, 0);
400
401	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
402	sizeof(sctpauthkey), sctpauthkey);
403	#endif
404	#ifndef OPENSSL_NO_TLSEXT
405	if (s->tlsext_ticket_expected)	326	if (s->tlsext_ticket_expected)
406	s->state=SSL3_ST_SW_SESSION_TICKET_A;	327	s->state=SSL3_ST_SW_SESSION_TICKET_A;
407	else	328	else
408	s->state=SSL3_ST_SW_CHANGE_A;	329	s->state=SSL3_ST_SW_CHANGE_A;
		330	}
409	#else	331	#else
410	s->state=SSL3_ST_SW_CHANGE_A;	332	if (s->hit)
		333	s->state=SSL3_ST_SW_CHANGE_A;
411	#endif	334	#endif
412	}
413	else	335	else
414	s->state=SSL3_ST_SW_CERT_A;	336	s->state=SSL3_ST_SW_CERT_A;
415	s->init_num=0;	337	s->init_num=0;
@@ -519,13 +441,6 @@ int dtls1_accept(SSL *s)
519	skip=1;	441	skip=1;
520	s->s3->tmp.cert_request=0;	442	s->s3->tmp.cert_request=0;
521	s->state=SSL3_ST_SW_SRVR_DONE_A;	443	s->state=SSL3_ST_SW_SRVR_DONE_A;
522	#ifndef OPENSSL_NO_SCTP
523	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
524	{
525	s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
526	s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
527	}
528	#endif
529	}	444	}
530	else	445	else
531	{	446	{
@@ -535,23 +450,9 @@ int dtls1_accept(SSL *s)
535	if (ret <= 0) goto end;	450	if (ret <= 0) goto end;
536	#ifndef NETSCAPE_HANG_BUG	451	#ifndef NETSCAPE_HANG_BUG
537	s->state=SSL3_ST_SW_SRVR_DONE_A;	452	s->state=SSL3_ST_SW_SRVR_DONE_A;
538	#ifndef OPENSSL_NO_SCTP
539	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
540	{
541	s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
542	s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
543	}
544	#endif
545	#else	453	#else
546	s->state=SSL3_ST_SW_FLUSH;	454	s->state=SSL3_ST_SW_FLUSH;
547	s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;	455	s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
548	#ifndef OPENSSL_NO_SCTP
549	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
550	{
551	s->d1->next_state = s->s3->tmp.next_state;
552	s->s3->tmp.next_state=DTLS1_SCTP_ST_SW_WRITE_SOCK;
553	}
554	#endif
555	#endif	456	#endif
556	s->init_num=0;	457	s->init_num=0;
557	}	458	}
@@ -571,13 +472,6 @@ int dtls1_accept(SSL *s)
571	s->rwstate=SSL_WRITING;	472	s->rwstate=SSL_WRITING;
572	if (BIO_flush(s->wbio) <= 0)	473	if (BIO_flush(s->wbio) <= 0)
573	{	474	{
574	/* If the write error was fatal, stop trying */
575	if (!BIO_should_retry(s->wbio))
576	{
577	s->rwstate=SSL_NOTHING;
578	s->state=s->s3->tmp.next_state;
579	}
580
581	ret= -1;	475	ret= -1;
582	goto end;	476	goto end;
583	}	477	}
@@ -591,16 +485,15 @@ int dtls1_accept(SSL *s)
591	ret = ssl3_check_client_hello(s);	485	ret = ssl3_check_client_hello(s);
592	if (ret <= 0)	486	if (ret <= 0)
593	goto end;	487	goto end;
		488	dtls1_stop_timer(s);
594	if (ret == 2)	489	if (ret == 2)
595	{
596	dtls1_stop_timer(s);
597	s->state = SSL3_ST_SR_CLNT_HELLO_C;	490	s->state = SSL3_ST_SR_CLNT_HELLO_C;
598	}
599	else {	491	else {
600	/* could be sent for a DH cert, even if we	492	/* could be sent for a DH cert, even if we
601	* have not asked for it :-) */	493	* have not asked for it :-) */
602	ret=ssl3_get_client_certificate(s);	494	ret=ssl3_get_client_certificate(s);
603	if (ret <= 0) goto end;	495	if (ret <= 0) goto end;
		496	dtls1_stop_timer(s);
604	s->init_num=0;	497	s->init_num=0;
605	s->state=SSL3_ST_SR_KEY_EXCH_A;	498	s->state=SSL3_ST_SR_KEY_EXCH_A;
606	}	499	}
@@ -610,21 +503,7 @@ int dtls1_accept(SSL *s)
610	case SSL3_ST_SR_KEY_EXCH_B:	503	case SSL3_ST_SR_KEY_EXCH_B:
611	ret=ssl3_get_client_key_exchange(s);	504	ret=ssl3_get_client_key_exchange(s);
612	if (ret <= 0) goto end;	505	if (ret <= 0) goto end;
613	#ifndef OPENSSL_NO_SCTP	506	dtls1_stop_timer(s);
614	/* Add new shared key for SCTP-Auth,
615	* will be ignored if no SCTP used.
616	*/
617	snprintf((char *) labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
618	DTLS1_SCTP_AUTH_LABEL);
619
620	SSL_export_keying_material(s, sctpauthkey,
621	sizeof(sctpauthkey), labelbuffer,
622	sizeof(labelbuffer), NULL, 0, 0);
623
624	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
625	sizeof(sctpauthkey), sctpauthkey);
626	#endif
627
628	s->state=SSL3_ST_SR_CERT_VRFY_A;	507	s->state=SSL3_ST_SR_CERT_VRFY_A;
629	s->init_num=0;	508	s->init_num=0;
630		509
@@ -661,13 +540,9 @@ int dtls1_accept(SSL *s)
661	/* we should decide if we expected this one */	540	/* we should decide if we expected this one */
662	ret=ssl3_get_cert_verify(s);	541	ret=ssl3_get_cert_verify(s);
663	if (ret <= 0) goto end;	542	if (ret <= 0) goto end;
664	#ifndef OPENSSL_NO_SCTP	543	dtls1_stop_timer(s);
665	if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&	544
666	state == SSL_ST_RENEGOTIATE)	545	s->state=SSL3_ST_SR_FINISHED_A;
667	s->state=DTLS1_SCTP_ST_SR_READ_SOCK;
668	else
669	#endif
670	s->state=SSL3_ST_SR_FINISHED_A;
671	s->init_num=0;	546	s->init_num=0;
672	break;	547	break;
673		548
@@ -719,14 +594,6 @@ int dtls1_accept(SSL *s)
719	SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);	594	SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
720		595
721	if (ret <= 0) goto end;	596	if (ret <= 0) goto end;
722
723	#ifndef OPENSSL_NO_SCTP
724	/* Change to new shared key of SCTP-Auth,
725	* will be ignored if no SCTP used.
726	*/
727	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY, 0, NULL);
728	#endif
729
730	s->state=SSL3_ST_SW_FINISHED_A;	597	s->state=SSL3_ST_SW_FINISHED_A;
731	s->init_num=0;	598	s->init_num=0;
732		599
@@ -751,16 +618,7 @@ int dtls1_accept(SSL *s)
751	if (s->hit)	618	if (s->hit)
752	s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;	619	s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
753	else	620	else
754	{
755	s->s3->tmp.next_state=SSL_ST_OK;	621	s->s3->tmp.next_state=SSL_ST_OK;
756	#ifndef OPENSSL_NO_SCTP
757	if (BIO_dgram_is_sctp(SSL_get_wbio(s)))
758	{
759	s->d1->next_state = s->s3->tmp.next_state;
760	s->s3->tmp.next_state=DTLS1_SCTP_ST_SW_WRITE_SOCK;
761	}
762	#endif
763	}
764	s->init_num=0;	622	s->init_num=0;
765	break;	623	break;
766		624
@@ -778,9 +636,11 @@ int dtls1_accept(SSL *s)
778		636
779	s->init_num=0;	637	s->init_num=0;
780		638
781	if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */	639	if (s->new_session == 2) /* skipped if we just sent a HelloRequest */
782	{	640	{
783	s->renegotiate=0;	641	/* actually not necessarily a 'new' session unless
		642	* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
		643
784	s->new_session=0;	644	s->new_session=0;
785		645
786	ssl_update_cache(s,SSL_SESS_CACHE_SERVER);	646	ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
@@ -832,14 +692,6 @@ end:
832	/* BIO_flush(s->wbio); */	692	/* BIO_flush(s->wbio); */
833		693
834	s->in_handshake--;	694	s->in_handshake--;
835	#ifndef OPENSSL_NO_SCTP
836	/* Notify SCTP BIO socket to leave handshake
837	* mode and prevent stream identifier other
838	* than 0. Will be ignored if no SCTP is used.
839	*/
840	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
841	#endif
842
843	if (cb != NULL)	695	if (cb != NULL)
844	cb(s,SSL_CB_ACCEPT_EXIT,ret);	696	cb(s,SSL_CB_ACCEPT_EXIT,ret);
845	return(ret);	697	return(ret);
@@ -920,7 +772,7 @@ int dtls1_send_server_hello(SSL *s)
920	p=s->s3->server_random;	772	p=s->s3->server_random;
921	Time=(unsigned long)time(NULL); /* Time */	773	Time=(unsigned long)time(NULL); /* Time */
922	l2n(Time,p);	774	l2n(Time,p);
923	RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);	775	RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
924	/* Do the message type and length last */	776	/* Do the message type and length last */
925	d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);	777	d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
926		778
@@ -1295,7 +1147,7 @@ int dtls1_send_server_key_exchange(SSL *s)
1295	if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)	1147	if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
1296	&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))	1148	&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
1297	{	1149	{
1298	if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher, NULL))	1150	if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
1299	== NULL)	1151	== NULL)
1300	{	1152	{
1301	al=SSL_AD_DECODE_ERROR;	1153	al=SSL_AD_DECODE_ERROR;