PR: 2505

[oweals/openssl.git] / ssl / d1_srvr.c

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index ac4fbda3a60b1bf3eb95d04e447a1d30c4f1cbfe..2d63199dd60a68fa8f525e6dbc31d81502892bdc 100644 (file)
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -278,6 +278,12 @@ int dtls1_accept(SSL *s)
                                {
                                ret = 2;
                                s->d1->listen = 0;
+                               /* Set expected sequence numbers
+                                * to continue the handshake.
+                                */
+                               s->d1->handshake_read_seq = 2;
+                               s->d1->handshake_write_seq = 1;
+                               s->d1->next_handshake_write_seq = 1;
                                goto end;
                                }
                        
@@ -737,9 +743,6 @@ int dtls1_send_hello_verify_request(SSL *s)
                /* number of bytes to write */
                s->init_num=p-buf;
                s->init_off=0;
-
-               /* buffer the message to handle re-xmits */
-               dtls1_buffer_message(s, 0);
                }
 
        /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
@@ -1136,7 +1139,7 @@ int dtls1_send_server_key_exchange(SSL *s)
                if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
                        && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
                        {
-                       if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+                       if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher, NULL))
                                == NULL)
                                {
                                al=SSL_AD_DECODE_ERROR;