133 int dtls1_accept(SSL *ssl) {  in dtls1_accept()  argument
135   void (*cb)(const SSL *ssl, int type, int value) = NULL;  in dtls1_accept()
140   assert(ssl->handshake_func == dtls1_accept);  in dtls1_accept()
141   assert(ssl->server);  in dtls1_accept()
142   assert(SSL_IS_DTLS(ssl));  in dtls1_accept()
147   if (ssl->info_callback != NULL) {  in dtls1_accept()
148     cb = ssl->info_callback;  in dtls1_accept()
149   } else if (ssl->ctx->info_callback != NULL) {  in dtls1_accept()
150     cb = ssl->ctx->info_callback;  in dtls1_accept()
153   ssl->in_handshake++;  in dtls1_accept()
156     state = ssl->state;  in dtls1_accept()
158     switch (ssl->state) {  in dtls1_accept()
161           cb(ssl, SSL_CB_HANDSHAKE_START, 1);  in dtls1_accept()
164         if (ssl->init_buf == NULL) {  in dtls1_accept()
170           ssl->init_buf = buf;  in dtls1_accept()
174         ssl->init_num = 0;  in dtls1_accept()
176         if (!ssl_init_wbio_buffer(ssl, 1)) {  in dtls1_accept()
181         if (!ssl3_init_handshake_buffer(ssl)) {  in dtls1_accept()
187         ssl->state = SSL3_ST_SR_CLNT_HELLO_A;  in dtls1_accept()
194         ssl->shutdown = 0;  in dtls1_accept()
195         ret = ssl3_get_client_hello(ssl);  in dtls1_accept()
199         dtls1_stop_timer(ssl);  in dtls1_accept()
200         ssl->state = SSL3_ST_SW_SRVR_HELLO_A;  in dtls1_accept()
201         ssl->init_num = 0;  in dtls1_accept()
206         dtls1_start_timer(ssl);  in dtls1_accept()
207         ret = ssl3_send_server_hello(ssl);  in dtls1_accept()
212         if (ssl->hit) {  in dtls1_accept()
213           if (ssl->tlsext_ticket_expected) {  in dtls1_accept()
214             ssl->state = SSL3_ST_SW_SESSION_TICKET_A;  in dtls1_accept()
216             ssl->state = SSL3_ST_SW_CHANGE_A;  in dtls1_accept()
219           ssl->state = SSL3_ST_SW_CERT_A;  in dtls1_accept()
221         ssl->init_num = 0;  in dtls1_accept()
226         if (ssl_cipher_has_server_public_key(ssl->s3->tmp.new_cipher)) {  in dtls1_accept()
227           dtls1_start_timer(ssl);  in dtls1_accept()
228           ret = ssl3_send_server_certificate(ssl);  in dtls1_accept()
232           if (ssl->s3->tmp.certificate_status_expected) {  in dtls1_accept()
233             ssl->state = SSL3_ST_SW_CERT_STATUS_A;  in dtls1_accept()
235             ssl->state = SSL3_ST_SW_KEY_EXCH_A;  in dtls1_accept()
239           ssl->state = SSL3_ST_SW_KEY_EXCH_A;  in dtls1_accept()
241         ssl->init_num = 0;  in dtls1_accept()
246         ret = ssl3_send_certificate_status(ssl);  in dtls1_accept()
250         ssl->state = SSL3_ST_SW_KEY_EXCH_A;  in dtls1_accept()
251         ssl->init_num = 0;  in dtls1_accept()
257         alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;  in dtls1_accept()
267         if (ssl_cipher_requires_server_key_exchange(ssl->s3->tmp.new_cipher) ||  in dtls1_accept()
268             ((alg_a & SSL_aPSK) && ssl->psk_identity_hint)) {  in dtls1_accept()
269           dtls1_start_timer(ssl);  in dtls1_accept()
270           ret = ssl3_send_server_key_exchange(ssl);  in dtls1_accept()
278         ssl->state = SSL3_ST_SW_CERT_REQ_A;  in dtls1_accept()
279         ssl->init_num = 0;  in dtls1_accept()
284         if (ssl->s3->tmp.cert_request) {  in dtls1_accept()
285           dtls1_start_timer(ssl);  in dtls1_accept()
286           ret = ssl3_send_certificate_request(ssl);  in dtls1_accept()
293         ssl->state = SSL3_ST_SW_SRVR_DONE_A;  in dtls1_accept()
294         ssl->init_num = 0;  in dtls1_accept()
299         dtls1_start_timer(ssl);  in dtls1_accept()
300         ret = ssl3_send_server_done(ssl);  in dtls1_accept()
304         ssl->s3->tmp.next_state = SSL3_ST_SR_CERT_A;  in dtls1_accept()
305         ssl->state = SSL3_ST_SW_FLUSH;  in dtls1_accept()
306         ssl->init_num = 0;  in dtls1_accept()
310         ssl->rwstate = SSL_WRITING;  in dtls1_accept()
311         if (BIO_flush(ssl->wbio) <= 0) {  in dtls1_accept()
315         ssl->rwstate = SSL_NOTHING;  in dtls1_accept()
316         ssl->state = ssl->s3->tmp.next_state;  in dtls1_accept()
321         if (ssl->s3->tmp.cert_request) {  in dtls1_accept()
322           ret = ssl3_get_client_certificate(ssl);  in dtls1_accept()
327         ssl->init_num = 0;  in dtls1_accept()
328         ssl->state = SSL3_ST_SR_KEY_EXCH_A;  in dtls1_accept()
334         ret = ssl3_get_client_key_exchange(ssl);  in dtls1_accept()
338         ssl->state = SSL3_ST_SR_CERT_VRFY_A;  in dtls1_accept()
339         ssl->init_num = 0;  in dtls1_accept()
344         ret = ssl3_get_cert_verify(ssl);  in dtls1_accept()
348         ssl->state = SSL3_ST_SR_CHANGE;  in dtls1_accept()
349         ssl->init_num = 0;  in dtls1_accept()
353         ret = ssl->method->ssl_read_change_cipher_spec(ssl);  in dtls1_accept()
358         if (!ssl3_do_change_cipher_spec(ssl)) {  in dtls1_accept()
363         ssl->state = SSL3_ST_SR_FINISHED_A;  in dtls1_accept()
368         ret = ssl3_get_finished(ssl, SSL3_ST_SR_FINISHED_A,  in dtls1_accept()
373         dtls1_stop_timer(ssl);  in dtls1_accept()
374         if (ssl->hit) {  in dtls1_accept()
375           ssl->state = SSL_ST_OK;  in dtls1_accept()
376         } else if (ssl->tlsext_ticket_expected) {  in dtls1_accept()
377           ssl->state = SSL3_ST_SW_SESSION_TICKET_A;  in dtls1_accept()
379           ssl->state = SSL3_ST_SW_CHANGE_A;  in dtls1_accept()
381         ssl->init_num = 0;  in dtls1_accept()
386         ret = ssl3_send_new_session_ticket(ssl);  in dtls1_accept()
390         ssl->state = SSL3_ST_SW_CHANGE_A;  in dtls1_accept()
391         ssl->init_num = 0;  in dtls1_accept()
396         ssl->session->cipher = ssl->s3->tmp.new_cipher;  in dtls1_accept()
397         if (!ssl->enc_method->setup_key_block(ssl)) {  in dtls1_accept()
402         ret = dtls1_send_change_cipher_spec(ssl, SSL3_ST_SW_CHANGE_A,  in dtls1_accept()
409         ssl->state = SSL3_ST_SW_FINISHED_A;  in dtls1_accept()
410         ssl->init_num = 0;  in dtls1_accept()
412         if (!ssl->enc_method->change_cipher_state(  in dtls1_accept()
413                 ssl, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {  in dtls1_accept()
421         ret = ssl3_send_finished(ssl, SSL3_ST_SW_FINISHED_A,  in dtls1_accept()
423                                  ssl->enc_method->server_finished_label,  in dtls1_accept()
424                                  ssl->enc_method->server_finished_label_len);  in dtls1_accept()
428         ssl->state = SSL3_ST_SW_FLUSH;  in dtls1_accept()
429         if (ssl->hit) {  in dtls1_accept()
430           ssl->s3->tmp.next_state = SSL3_ST_SR_CHANGE;  in dtls1_accept()
432           ssl->s3->tmp.next_state = SSL_ST_OK;  in dtls1_accept()
434         ssl->init_num = 0;  in dtls1_accept()
438         ssl3_cleanup_key_block(ssl);  in dtls1_accept()
441         ssl_free_wbio_buffer(ssl);  in dtls1_accept()
443         ssl->init_num = 0;  in dtls1_accept()
444         ssl->s3->initial_handshake_complete = 1;  in dtls1_accept()
446         ssl_update_cache(ssl, SSL_SESS_CACHE_SERVER);  in dtls1_accept()
449           cb(ssl, SSL_CB_HANDSHAKE_DONE, 1);  in dtls1_accept()
455         ssl->d1->handshake_read_seq = 0;  in dtls1_accept()
457         ssl->d1->handshake_write_seq = 0;  in dtls1_accept()
458         ssl->d1->next_handshake_write_seq = 0;  in dtls1_accept()
467     if (!ssl->s3->tmp.reuse_message && !skip) {  in dtls1_accept()
468       if (cb != NULL && ssl->state != state) {  in dtls1_accept()
469         new_state = ssl->state;  in dtls1_accept()
470         ssl->state = state;  in dtls1_accept()
471         cb(ssl, SSL_CB_ACCEPT_LOOP, 1);  in dtls1_accept()
472         ssl->state = new_state;  in dtls1_accept()
479   ssl->in_handshake--;  in dtls1_accept()
482     cb(ssl, SSL_CB_ACCEPT_EXIT, ret);  in dtls1_accept()