0.9.8 version of PR#1931 fix.

[oweals/openssl.git] / ssl / d1_clnt.c

diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 6653d587d4c2ffec13d85ecb4119a061712c16d4..a95705448f4ea687aaf93053df57cf8b147f299b 100644 (file)
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -130,7 +130,7 @@ static int dtls1_get_hello_verify(SSL *s);
 
 static SSL_METHOD *dtls1_get_client_method(int ver)
        {
-       if (ver == DTLS1_VERSION)
+       if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
                return(DTLSv1_client_method());
        else
                return(NULL);
@@ -181,7 +181,8 @@ int dtls1_connect(SSL *s)
                        s->server=0;
                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-                       if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))
+                       if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
+                           (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
                                {
                                SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
                                ret = -1;
@@ -229,6 +230,7 @@ int dtls1_connect(SSL *s)
                        /* every DTLS ClientHello resets Finished MAC */
                        ssl3_init_finished_mac(s);
 
+                       dtls1_start_timer(s);
                        ret=dtls1_client_hello(s);
                        if (ret <= 0) goto end;
 
@@ -254,6 +256,7 @@ int dtls1_connect(SSL *s)
                        if (ret <= 0) goto end;
                        else
                                {
+                               dtls1_stop_timer(s);
                                if (s->hit)
                                        s->state=SSL3_ST_CR_FINISHED_A;
                                else
@@ -268,6 +271,7 @@ int dtls1_connect(SSL *s)
                        ret = dtls1_get_hello_verify(s);
                        if ( ret <= 0)
                                goto end;
+                       dtls1_stop_timer(s);
                        if ( s->d1->send_cookie) /* start again, with a cookie */
                                s->state=SSL3_ST_CW_CLNT_HELLO_A;
                        else
@@ -329,6 +333,7 @@ int dtls1_connect(SSL *s)
                case SSL3_ST_CW_CERT_B:
                case SSL3_ST_CW_CERT_C:
                case SSL3_ST_CW_CERT_D:
+                       dtls1_start_timer(s);
                        ret=dtls1_send_client_certificate(s);
                        if (ret <= 0) goto end;
                        s->state=SSL3_ST_CW_KEY_EXCH_A;
@@ -337,6 +342,7 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CW_KEY_EXCH_A:
                case SSL3_ST_CW_KEY_EXCH_B:
+                       dtls1_start_timer(s);
                        ret=dtls1_send_client_key_exchange(s);
                        if (ret <= 0) goto end;
                        l=s->s3->tmp.new_cipher->algorithms;
@@ -359,6 +365,7 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CW_CERT_VRFY_A:
                case SSL3_ST_CW_CERT_VRFY_B:
+                       dtls1_start_timer(s);
                        ret=dtls1_send_client_verify(s);
                        if (ret <= 0) goto end;
                        s->state=SSL3_ST_CW_CHANGE_A;
@@ -368,6 +375,7 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CW_CHANGE_A:
                case SSL3_ST_CW_CHANGE_B:
+                       dtls1_start_timer(s);
                        ret=dtls1_send_change_cipher_spec(s,
                                SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0) goto end;
@@ -402,6 +410,7 @@ int dtls1_connect(SSL *s)
 
                case SSL3_ST_CW_FINISHED_A:
                case SSL3_ST_CW_FINISHED_B:
+                       dtls1_start_timer(s);
                        ret=dtls1_send_finished(s,
                                SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
                                s->method->ssl3_enc->client_finished_label,
@@ -435,6 +444,7 @@ int dtls1_connect(SSL *s)
                        ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
                                SSL3_ST_CR_FINISHED_B);
                        if (ret <= 0) goto end;
+                       dtls1_stop_timer(s);
 
                        if (s->hit)
                                s->state=SSL3_ST_CW_CHANGE_A;
@@ -490,6 +500,7 @@ int dtls1_connect(SSL *s)
 
                        /* done with handshaking */
                        s->d1->handshake_read_seq  = 0;
+                       s->d1->next_handshake_write_seq = 0;
                        goto end;
                        /* break; */