Fix DTLSv1_listen following state machine changes Adding the new state machine broke the DTLSv1_listen code because calling SSL_in_before() was erroneously returning true after DTLSv1_listen had successfully completed. This change ensures that SSL_in_before returns false. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>

commit: 31fd10e60d12ae2e955de8651fa84aff016d719a [log] [tgz]
author: Matt Caswell <matt@openssl.org> Thu Oct 22 12:18:45 2015 +0100
committer: Matt Caswell <matt@openssl.org> Fri Oct 30 08:39:47 2015 +0000
tree: d78fb23d8727df94c5013fc444edcbc68a3c0a3f
parent: 91eac8d567c2717ef7bfd7a5997f8e73057ce780 [diff] [blame]
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 087d6d2..a6f0632 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c

@@ -872,8 +872,11 @@
      */
     SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
 
-    /* Put us into the "init" state so that we don't get our state cleared */
-    ossl_statem_set_in_init(s, 1);
+    /*
+     * Tell the state machine that we've done the initial hello verify
+     * exchange
+     */
+    ossl_statem_set_hello_verify_done(s);
 
     if(BIO_dgram_get_peer(rbio, client) <= 0) {
         SSLerr(SSL_F_DTLS1_LISTEN, ERR_R_INTERNAL_ERROR);
commit	31fd10e60d12ae2e955de8651fa84aff016d719a	[log] [tgz]
author	Matt Caswell <matt@openssl.org>	Thu Oct 22 12:18:45 2015 +0100
committer	Matt Caswell <matt@openssl.org>	Fri Oct 30 08:39:47 2015 +0000
tree	d78fb23d8727df94c5013fc444edcbc68a3c0a3f
parent	91eac8d567c2717ef7bfd7a5997f8e73057ce780 [diff] [blame]