Respect cookie length set by app_gen_cookie_cb [from HEAD].
authorAndy Polyakov <appro@openssl.org>
Tue, 9 Oct 2007 19:31:53 +0000 (19:31 +0000)
committerAndy Polyakov <appro@openssl.org>
Tue, 9 Oct 2007 19:31:53 +0000 (19:31 +0000)
Submitted by: Alex Lam

ssl/d1_srvr.c

index 7ebba51b8e36184f144da10ac2add57a2a2e8f36..927b01f3c477739fdab61cacea72b3f8ebb090c2 100644 (file)
@@ -631,8 +631,6 @@ int dtls1_send_hello_verify_request(SSL *s)
                        *(p++) = s->version >> 8,
                        *(p++) = s->version & 0xFF;
 
-               *(p++) = (unsigned char) s->d1->cookie_len;
-
                if (s->ctx->app_gen_cookie_cb != NULL &&
                    s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 
                    &(s->d1->cookie_len)) == 0)
@@ -643,6 +641,7 @@ int dtls1_send_hello_verify_request(SSL *s)
                /* else the cookie is assumed to have 
                 * been initialized by the application */
 
+               *(p++) = (unsigned char) s->d1->cookie_len;
                memcpy(p, s->d1->cookie, s->d1->cookie_len);
                p += s->d1->cookie_len;
                msg_len = p - msg;