Make ChangeCipherSpec compliant with DTLS RFC4347.

2007-09-30 21:19:30 +00:00 · 2007-09-30 21:19:30 +00:00 · 89c333e3e5
commit 89c333e3e5
parent 0d97d00b6c
2 changed files with 28 additions and 38 deletions
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@ -813,7 +813,6 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
 		*p++=SSL3_MT_CCS;
 		s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
 		s->d1->next_handshake_write_seq++;
-		s2n(s->d1->handshake_write_seq,p);

 		s->init_num=DTLS1_CCS_HEADER_LENGTH;
 		s->init_off=0;
@ -1255,5 +1254,4 @@ dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
 	memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));

 	ccs_hdr->type = *(data++);
-	n2s(data, ccs_hdr->seq);
 	}
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@ -1019,8 +1019,6 @@ start:

 		dtls1_get_ccs_header(rr->data, &ccs_hdr);

-		if ( ccs_hdr.seq == s->d1->handshake_read_seq)
-			{
 		/* 'Change Cipher Spec' is just a single byte, so we know
 		 * exactly what the record payload has to look like */
 		/* XDTLS: check that epoch is consistent */
@ -1050,12 +1048,6 @@ start:

 		goto start;
 		}
-		else
-			{
-			rr->length = 0;
-			goto start;
-			}
-		}

 	/* Unexpected handshake message (Client Hello, or protocol violation) */
 	if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&