fix SSLerr stuff for DTLS1 code;

 * Read an entire handshake message.  Handshake messages arrive in

 * fragments.

 */

long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, 

	int	*ok)

long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)

	{

	int i, al;

		if ((mt >= 0) && (s->s3->tmp.message_type != mt))

			{

			al=SSL_AD_UNEXPECTED_MESSAGE;

			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);

			SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);

			goto f_err;

			}

		*ok=1;

    if ( (int)msg_hdr->frag_len && !BUF_MEM_grow_clean(s->init_buf, 

             (int)msg_hdr->frag_len + DTLS1_HM_HEADER_LENGTH + s->init_num))

        {

        SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);

        SSLerr(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE,ERR_R_BUF_LIB);

        goto err;

        }

    if ( frag_off + frag_len > l)

        {

        al=SSL_AD_ILLEGAL_PARAMETER;

        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);

        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);

        goto f_err;

        }

        else /* Incorrectly formated Hello request */

            {

            al=SSL_AD_UNEXPECTED_MESSAGE;

            SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);

            SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);

            goto f_err;

            }

        }

		if (l > (INT_MAX-DTLS1_HM_HEADER_LENGTH)) 

			{

			al=SSL_AD_ILLEGAL_PARAMETER;

			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);

			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);

			goto f_err;

			}

		if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l

			+ DTLS1_HM_HEADER_LENGTH))

			{

			SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);

			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,ERR_R_BUF_LIB);

			goto err;

			}

        /* Only do this test when we're reading the expected message.

        if ( l > (unsigned long)max)

			{

			al=SSL_AD_ILLEGAL_PARAMETER;

			SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);

			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);

			goto f_err;

			}

    if ( frag_len > (unsigned long)max)

        {

        al=SSL_AD_ILLEGAL_PARAMETER;

        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);

        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);

        goto f_err;

        }

    if ( frag_len + s->init_num > (INT_MAX - DTLS1_HM_HEADER_LENGTH))

        {

        al=SSL_AD_ILLEGAL_PARAMETER;

        SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);

        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);

        goto f_err;

        }

    if ( frag_len & !BUF_MEM_grow_clean(s->init_buf, (int)frag_len 

             + DTLS1_HM_HEADER_LENGTH + s->init_num))

        {

        SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);

        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,ERR_R_BUF_LIB);

        goto err;

        }

	buf=s->init_buf;

	if (!BUF_MEM_grow_clean(buf,10))

		{

		SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);

		SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);

		return(0);

		}

	if (x != NULL)

		{

		if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))

			{

			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);

			SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);

			return(0);

			}

			n=i2d_X509(x,NULL);

			if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))

				{

				SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);

				SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);

				return(0);

				}

			p=(unsigned char *)&(buf->data[l]);

		n=i2d_X509(x,NULL);

		if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))

			{

			SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);

			SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);

			return(0);

			}

		p=(unsigned char *)&(buf->data[l]);

			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))

				{

				SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);

				SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);

				ret = -1;

				goto end;

				}

			/* break; */

		default:

			SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);

			SSLerr(SSL_F_DTLS1_CONNECT,SSL_R_UNKNOWN_STATE);

			ret= -1;

			goto end;

			/* break; */

			{

			if (i > sizeof s->session->session_id)

				{

				SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);

				SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);

				goto err;

				}

			memcpy(p,s->session->session_id,i);

		/* cookie stuff */

		if ( s->d1->cookie_len > sizeof(s->d1->cookie))

			{

			SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);

			SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);

			goto err;

			}

		*(p++) = s->d1->cookie_len;

		i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));

		if (i == 0)

			{

			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);

			SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);

			goto err;

			}

		s2n(i,p);

	if ((data[0] != (s->version>>8)) || (data[1] != (s->version&0xff)))

		{

		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);

		SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY,SSL_R_WRONG_SSL_VERSION);

		s->version=(s->version&0xff00)|data[1];

		al = SSL_AD_PROTOCOL_VERSION;

		goto f_err;

					(pkey->type != EVP_PKEY_RSA) ||

					(pkey->pkey.rsa == NULL))

					{

					SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);

					SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);

					goto err;

					}

				rsa=pkey->pkey.rsa;

#endif

			if (n <= 0)

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);

				goto err;

				}

                                {

                                ssl3_send_alert(s,SSL3_AL_FATAL,

						SSL_AD_HANDSHAKE_FAILURE);

                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,

                                SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

						kssl_err.reason);

                                goto err;

                                }

			outl += padl;

			if (outl > sizeof epms)

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);

				goto err;

				}

			EVP_CIPHER_CTX_cleanup(&ciph_ctx);

				{

				/* we get them from the cert */

				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);

				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);

				goto err;

				}

			/* generate a new random key */

			if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);

				goto err;

				}

			if (!DH_generate_key(dh_clnt))

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);

				goto err;

				}

			if (n <= 0)

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);

				goto err;

				}

		else

			{

			ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);

			SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);

			SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);

			goto err;

			}

					 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,

					&(p[2]), &u, pkey->pkey.rsa) <= 0 )

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);

				goto err;

				}

			s2n(u,p);

				SHA_DIGEST_LENGTH,&(p[2]),

				(unsigned int *)&j,pkey->pkey.dsa))

				{

				SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);

				SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);

				goto err;

				}

			s2n(j,p);

		else

#endif

			{

			SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);

			SSLerr(SSL_F_DTLS1_SEND_CLIENT_VERIFY,ERR_R_INTERNAL_ERROR);

			goto err;

			}

		else if (i == 1)

			{

			i=0;

			SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);

			SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);

			}

		if (x509 != NULL) X509_free(x509);

			{

			if (l == 0 || l%bs != 0)

				{

				SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);

				SSLerr(SSL_F_DTLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);

				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);

				return 0;

				}

		if (rdata != NULL) OPENSSL_free(rdata);

		if (item != NULL) pitem_free(item);

		SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);

		SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);

		return(0);

		}

	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)

		{

		al=SSL_AD_RECORD_OVERFLOW;

		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);

		SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);

		goto f_err;

		}

			{

#if 0 /* OK only for stream ciphers (then rr->length is visible from ciphertext anyway) */

			al=SSL_AD_RECORD_OVERFLOW;

			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);

			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);

			goto f_err;

#else

			goto decryption_failed_or_bad_record_mac;

			{

#if 0 /* OK only for stream ciphers */

			al=SSL_AD_DECODE_ERROR;

			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);

			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);

			goto f_err;

#else

			goto decryption_failed_or_bad_record_mac;

		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH)

			{

			al=SSL_AD_RECORD_OVERFLOW;

			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);

			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);

			goto f_err;

			}

		if (!ssl3_do_uncompress(s))

			{

			al=SSL_AD_DECOMPRESSION_FAILURE;

			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);

			SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_BAD_DECOMPRESSION);

			goto f_err;

			}

		}

	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH)

		{

		al=SSL_AD_RECORD_OVERFLOW;

		SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);

		SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);

		goto f_err;

		}

	 * we should not reveal which kind of error occured -- this

	 * might become visible to an attacker (e.g. via logfile) */

	al=SSL_AD_BAD_RECORD_MAC;

	SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);

	SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);

f_err:

	ssl3_send_alert(s,SSL3_AL_FATAL,al);

err:

			{

			if (version != s->version)

				{

				SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);

				SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);

				/* Send back error using their

				 * version number :-) */

				s->version=version;

		if ((version & 0xff00) != (DTLS1_VERSION & 0xff00))

			{

			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);

			SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);

			goto err;

			}

		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)

			{

			al=SSL_AD_RECORD_OVERFLOW;

			SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);

			SSLerr(SSL_F_DTLS1_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);

			goto f_err;

			}

		(type != SSL3_RT_HANDSHAKE) && type) ||

	    (peek && (type != SSL3_RT_APPLICATION_DATA)))

		{

		SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);

		SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);

		return -1;

		}

		if (i < 0) return(i);

		if (i == 0)

			{

			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

			return(-1);

			}

		}

		&& (rr->type != SSL3_RT_HANDSHAKE))

		{

		al=SSL_AD_UNEXPECTED_MESSAGE;

		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);

		SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);

		goto err;

		}

			(s->enc_read_ctx == NULL))

			{

			al=SSL_AD_UNEXPECTED_MESSAGE;

			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);

			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);

			goto f_err;

			}

			(s->d1->handshake_fragment[3] != 0))

			{

			al=SSL_AD_DECODE_ERROR;

			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);

			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);

			goto err;

			}

				if (i < 0) return(i);

				if (i == 0)

					{

					SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

					SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

					return(-1);

					}

			s->rwstate=SSL_NOTHING;

			s->s3->fatal_alert = alert_descr;

			SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);

			SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);

			BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);

			ERR_add_error_data(2,"SSL alert number ",tmp);

			s->shutdown|=SSL_RECEIVED_SHUTDOWN;

		else

			{

			al=SSL_AD_ILLEGAL_PARAMETER;

			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);

			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);

			goto f_err;

			}

				(rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))

				{

				i=SSL_AD_ILLEGAL_PARAMETER;

				SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);

				SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);

				goto err;

				}

		if (i < 0) return(i);

		if (i == 0)

			{

			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

			return(-1);

			}

			}

#endif

		al=SSL_AD_UNEXPECTED_MESSAGE;

		SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);

		SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);

		goto f_err;

	case SSL3_RT_CHANGE_CIPHER_SPEC:

	case SSL3_RT_ALERT:

		 * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that

		 * should not happen when type != rr->type */

		al=SSL_AD_UNEXPECTED_MESSAGE;

		SSLerr(SSL_F_SSL3_READ_BYTES,ERR_R_INTERNAL_ERROR);

		SSLerr(SSL_F_DTLS1_READ_BYTES,ERR_R_INTERNAL_ERROR);

		goto f_err;

	case SSL3_RT_APPLICATION_DATA:

		/* At this point, we were expecting handshake data,

		else

			{

			al=SSL_AD_UNEXPECTED_MESSAGE;

			SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);

			SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_UNEXPECTED_RECORD);

			goto f_err;

			}

		}

		if (i < 0) return(i);

		if (i == 0)

			{

			SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

			SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);

			return -1;

			}

		}

	return tot + i;

	}

int do_dtls1_write(SSL *s, int type, const unsigned char *buf,

	unsigned int len, int create_empty_fragment)

int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)

	{

	unsigned char *p,*pseq;

	int i,mac_size,clear=0;

			if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE)

				{

				/* insufficient space */

				SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);

				SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);

				goto err;

				}

			}

		{

		if (!ssl3_do_compress(s))

			{

			SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);

			SSLerr(SSL_F_DO_DTLS1_WRITE,SSL_R_COMPRESSION_FAILURE);

			goto err;

			}

		}

	if (s->cert == NULL)

		{

		SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);

		SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);

		return(-1);

		}

			if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00))

				{

				SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);

				SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);

				return -1;

				}

			s->type=SSL_ST_ACCEPT;

			/* break; */

		default:

			SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);

			SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_UNKNOWN_STATE);

			ret= -1;

			goto end;

			/* break; */

		sl=s->session->session_id_length;

		if (sl > sizeof s->session->session_id)

			{

			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);

			SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);

			return -1;

			}

		*(p++)=sl;

				if(rsa == NULL)

				{

					al=SSL_AD_HANDSHAKE_FAILURE;

					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);

					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);

					goto f_err;

				}

				RSA_up_ref(rsa);

			if (rsa == NULL)

				{

				al=SSL_AD_HANDSHAKE_FAILURE;

				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);

				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);

				goto f_err;

				}

			r[0]=rsa->n;

			if (dhp == NULL)

				{

				al=SSL_AD_HANDSHAKE_FAILURE;

				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);