Fix DTLSv1_listen following state machine changes

Adding the new state machine broke the DTLSv1_listen code because calling SSL_in_before() was erroneously returning true after DTLSv1_listen had successfully completed. This change ensures that SSL_in_before returns false. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-10-22 12:18:45 +0100
committer: Matt Caswell <matt@openssl.org> 2015-10-30 08:39:47 +0000
commit: 31fd10e60d12ae2e955de8651fa84aff016d719a (patch)
tree: d78fb23d8727df94c5013fc444edcbc68a3c0a3f /ssl/d1_lib.c
parent: 91eac8d567c2717ef7bfd7a5997f8e73057ce780 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 087d6d2667..a6f06329a2 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -872,8 +872,11 @@ int dtls1_listen(SSL *s, struct sockaddr *client)
      */
     SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
 
-    /* Put us into the "init" state so that we don't get our state cleared */
-    ossl_statem_set_in_init(s, 1);
+    /*
+     * Tell the state machine that we've done the initial hello verify
+     * exchange
+     */
+    ossl_statem_set_hello_verify_done(s);
 
     if(BIO_dgram_get_peer(rbio, client) <= 0) {
         SSLerr(SSL_F_DTLS1_LISTEN, ERR_R_INTERNAL_ERROR);
author	Matt Caswell <matt@openssl.org>	2015-10-22 12:18:45 +0100
committer	Matt Caswell <matt@openssl.org>	2015-10-30 08:39:47 +0000
commit	31fd10e60d12ae2e955de8651fa84aff016d719a (patch)
tree	d78fb23d8727df94c5013fc444edcbc68a3c0a3f /ssl/d1_lib.c
parent	91eac8d567c2717ef7bfd7a5997f8e73057ce780 (diff)