diff options
Diffstat (limited to 'src/ssl/d1_lib.c')
| -rw-r--r-- | src/ssl/d1_lib.c | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/src/ssl/d1_lib.c b/src/ssl/d1_lib.c index cb95585..ef7a9c9 100644 --- a/src/ssl/d1_lib.c +++ b/src/ssl/d1_lib.c @@ -54,18 +54,12 @@ * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). */ -#include <openssl/ssl.h> +#include <openssl/base.h> #include <limits.h> #include <stdio.h> #include <string.h> -#include <openssl/err.h> -#include <openssl/mem.h> -#include <openssl/obj.h> - -#include "internal.h" - #if defined(OPENSSL_WINDOWS) #include <sys/timeb.h> #else @@ -73,6 +67,11 @@ #include <sys/time.h> #endif +#include <openssl/err.h> +#include <openssl/mem.h> +#include <openssl/obj.h> + +#include "internal.h" /* DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire * before starting to decrease the MTU. */ @@ -153,9 +152,8 @@ void dtls1_free(SSL *s) { } int dtls1_supports_cipher(const SSL_CIPHER *cipher) { - /* DTLS does not support stream ciphers. The NULL cipher is rejected because - * it's not needed. */ - return cipher->algorithm_enc != SSL_RC4 && cipher->algorithm_enc != SSL_eNULL; + /* DTLS does not support stream ciphers. */ + return cipher->algorithm_enc != SSL_RC4; } void dtls1_start_timer(SSL *s) { @@ -264,7 +262,7 @@ int dtls1_check_timeout_num(SSL *s) { if (s->d1->num_timeouts > DTLS1_MAX_TIMEOUTS) { /* fail the connection, enough alerts have been sent */ - OPENSSL_PUT_ERROR(SSL, SSL_R_READ_TIMEOUT_EXPIRED); + OPENSSL_PUT_ERROR(SSL, dtls1_check_timeout_num, SSL_R_READ_TIMEOUT_EXPIRED); return -1; } @@ -330,9 +328,8 @@ int dtls1_set_handshake_header(SSL *s, int htype, unsigned long len) { s2n(msg_hdr->seq, p); l2n3(0, p); l2n3(msg_hdr->msg_len, p); - return ssl3_update_handshake_hash(s, serialised_header, - sizeof(serialised_header)) && - ssl3_update_handshake_hash(s, message + DTLS1_HM_HEADER_LENGTH, len); + return ssl3_finish_mac(s, serialised_header, sizeof(serialised_header)) && + ssl3_finish_mac(s, message + DTLS1_HM_HEADER_LENGTH, len); } int dtls1_handshake_write(SSL *s) { |