}
if (which & SSL3_CC_READ) {
- if (SSL_CONNECTION_IS_DTLS(s)) {
- if (s->ext.use_etm)
- s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- else
- s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+ if (s->ext.use_etm)
+ s->s3.flags |= TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+ else
+ s->s3.flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
+ if (s->s3.tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+ s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
- if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE)
- s->mac_flags |= SSL_MAC_FLAG_READ_MAC_TLSTREE;
- else
- s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
+ if (s->s3.tmp.new_cipher->algorithm2 & TLS1_TLSTREE)
+ s->mac_flags |= SSL_MAC_FLAG_READ_MAC_TLSTREE;
+ else
+ s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
+ if (SSL_CONNECTION_IS_DTLS(s)) {
if (s->enc_read_ctx != NULL) {
reuse_dd = 1;
} else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {
goto skip_ktls;
/* check that cipher is supported */
- if (!ktls_check_supported_cipher(s, c, taglen))
+ if (!ktls_check_supported_cipher(s, c, m, taglen))
goto skip_ktls;
if (which & SSL3_CC_WRITE)