Lines Matching refs:s
46 static void dtls1_fix_message_header(SSL *s, size_t frag_off,
48 static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
49 static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
54 static int dtls_get_reassembled_message(SSL *s, int *errtype, size_t *len);
112 int dtls1_do_write(SSL *s, int type) in dtls1_do_write() argument
120 if (!dtls1_query_mtu(s)) in dtls1_do_write()
123 if (s->d1->mtu < dtls1_min_mtu(s)) in dtls1_do_write()
127 if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE) { in dtls1_do_write()
128 if (!ossl_assert(s->init_num == in dtls1_do_write()
129 s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH)) in dtls1_do_write()
133 if (s->write_hash) { in dtls1_do_write()
134 if (s->enc_write_ctx in dtls1_do_write()
135 && (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(s->enc_write_ctx)) & in dtls1_do_write()
139 mac_size = EVP_MD_CTX_get_size(s->write_hash); in dtls1_do_write()
143 if (s->enc_write_ctx && in dtls1_do_write()
144 (EVP_CIPHER_CTX_get_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)) in dtls1_do_write()
145 blocksize = 2 * EVP_CIPHER_CTX_get_block_size(s->enc_write_ctx); in dtls1_do_write()
150 s->rwstate = SSL_NOTHING; in dtls1_do_write()
153 while (s->init_num > 0) { in dtls1_do_write()
154 if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) { in dtls1_do_write()
160 if (s->init_off <= DTLS1_HM_HEADER_LENGTH) { in dtls1_do_write()
175 s->init_off -= DTLS1_HM_HEADER_LENGTH; in dtls1_do_write()
176 s->init_num += DTLS1_HM_HEADER_LENGTH; in dtls1_do_write()
184 frag_off = s->d1->w_msg_hdr.frag_off; in dtls1_do_write()
188 used_len = BIO_wpending(s->wbio) + DTLS1_RT_HEADER_LENGTH in dtls1_do_write()
190 if (s->d1->mtu > used_len) in dtls1_do_write()
191 curr_mtu = s->d1->mtu - used_len; in dtls1_do_write()
199 ret = BIO_flush(s->wbio); in dtls1_do_write()
201 s->rwstate = SSL_WRITING; in dtls1_do_write()
205 if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) { in dtls1_do_write()
206 curr_mtu = s->d1->mtu - used_len; in dtls1_do_write()
216 if (((unsigned int)s->init_num) > curr_mtu) in dtls1_do_write()
219 len = s->init_num; in dtls1_do_write()
221 if (len > s->max_send_fragment) in dtls1_do_write()
222 len = s->max_send_fragment; in dtls1_do_write()
235 dtls1_fix_message_header(s, frag_off, len - DTLS1_HM_HEADER_LENGTH); in dtls1_do_write()
237 dtls1_write_message_header(s, in dtls1_do_write()
238 (unsigned char *)&s->init_buf-> in dtls1_do_write()
239 data[s->init_off]); in dtls1_do_write()
242 ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off], len, in dtls1_do_write()
251 if (retry && BIO_ctrl(SSL_get_wbio(s), in dtls1_do_write()
253 if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) { in dtls1_do_write()
254 if (!dtls1_query_mtu(s)) in dtls1_do_write()
272 if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) { in dtls1_do_write()
278 (unsigned char *)&s->init_buf->data[s->init_off]; in dtls1_do_write()
279 const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; in dtls1_do_write()
282 if (frag_off == 0 && s->version != DTLS1_BAD_VER) { in dtls1_do_write()
299 if (!ssl3_finish_mac(s, p, xlen)) in dtls1_do_write()
303 if (written == s->init_num) { in dtls1_do_write()
304 if (s->msg_callback) in dtls1_do_write()
305 s->msg_callback(1, s->version, type, s->init_buf->data, in dtls1_do_write()
306 (size_t)(s->init_off + s->init_num), s, in dtls1_do_write()
307 s->msg_callback_arg); in dtls1_do_write()
309 s->init_off = 0; /* done writing this message */ in dtls1_do_write()
310 s->init_num = 0; in dtls1_do_write()
314 s->init_off += written; in dtls1_do_write()
315 s->init_num -= written; in dtls1_do_write()
325 dtls1_fix_message_header(s, frag_off, 0); in dtls1_do_write()
331 int dtls_get_message(SSL *s, int *mt) in dtls_get_message() argument
339 msg_hdr = &s->d1->r_msg_hdr; in dtls_get_message()
343 if (!dtls_get_reassembled_message(s, &errtype, &tmplen)) { in dtls_get_message()
352 *mt = s->s3.tmp.message_type; in dtls_get_message()
354 p = (unsigned char *)s->init_buf->data; in dtls_get_message()
357 if (s->msg_callback) { in dtls_get_message()
358 s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, in dtls_get_message()
359 p, 1, s, s->msg_callback_arg); in dtls_get_message()
378 s->d1->handshake_read_seq++; in dtls_get_message()
380 s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; in dtls_get_message()
390 int dtls_get_message_body(SSL *s, size_t *len) in dtls_get_message_body() argument
392 unsigned char *msg = (unsigned char *)s->init_buf->data; in dtls_get_message_body()
393 size_t msg_len = s->init_num + DTLS1_HM_HEADER_LENGTH; in dtls_get_message_body()
395 if (s->s3.tmp.message_type == SSL3_MT_CHANGE_CIPHER_SPEC) { in dtls_get_message_body()
403 if (*(s->init_buf->data) == SSL3_MT_FINISHED && !ssl3_take_mac(s)) { in dtls_get_message_body()
408 if (s->version == DTLS1_BAD_VER) { in dtls_get_message_body()
413 if (!ssl3_finish_mac(s, msg, msg_len)) in dtls_get_message_body()
416 if (s->msg_callback) in dtls_get_message_body()
417 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, in dtls_get_message_body()
418 s->init_buf->data, s->init_num + DTLS1_HM_HEADER_LENGTH, in dtls_get_message_body()
419 s, s->msg_callback_arg); in dtls_get_message_body()
422 *len = s->init_num; in dtls_get_message_body()
431 static size_t dtls1_max_handshake_message_len(const SSL *s) in dtls1_max_handshake_message_len() argument
434 if (max_len < s->max_cert_list) in dtls1_max_handshake_message_len()
435 return s->max_cert_list; in dtls1_max_handshake_message_len()
439 static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr) in dtls1_preprocess_fragment() argument
449 || msg_len > dtls1_max_handshake_message_len(s)) { in dtls1_preprocess_fragment()
450 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_EXCESSIVE_MESSAGE_SIZE); in dtls1_preprocess_fragment()
454 if (s->d1->r_msg_hdr.frag_off == 0) { /* first fragment */ in dtls1_preprocess_fragment()
459 if (!BUF_MEM_grow_clean(s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH)) { in dtls1_preprocess_fragment()
460 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_BUF_LIB); in dtls1_preprocess_fragment()
464 s->s3.tmp.message_size = msg_len; in dtls1_preprocess_fragment()
465 s->d1->r_msg_hdr.msg_len = msg_len; in dtls1_preprocess_fragment()
466 s->s3.tmp.message_type = msg_hdr->type; in dtls1_preprocess_fragment()
467 s->d1->r_msg_hdr.type = msg_hdr->type; in dtls1_preprocess_fragment()
468 s->d1->r_msg_hdr.seq = msg_hdr->seq; in dtls1_preprocess_fragment()
469 } else if (msg_len != s->d1->r_msg_hdr.msg_len) { in dtls1_preprocess_fragment()
474 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_EXCESSIVE_MESSAGE_SIZE); in dtls1_preprocess_fragment()
485 static int dtls1_retrieve_buffered_fragment(SSL *s, size_t *len) in dtls1_retrieve_buffered_fragment() argument
498 item = pqueue_peek(s->d1->buffered_messages); in dtls1_retrieve_buffered_fragment()
504 if (frag->msg_header.seq < s->d1->handshake_read_seq) { in dtls1_retrieve_buffered_fragment()
506 pqueue_pop(s->d1->buffered_messages); in dtls1_retrieve_buffered_fragment()
518 if (s->d1->handshake_read_seq == frag->msg_header.seq) { in dtls1_retrieve_buffered_fragment()
520 pqueue_pop(s->d1->buffered_messages); in dtls1_retrieve_buffered_fragment()
523 ret = dtls1_preprocess_fragment(s, &frag->msg_header); in dtls1_retrieve_buffered_fragment()
527 (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH; in dtls1_retrieve_buffered_fragment()
541 s->init_num = 0; in dtls1_retrieve_buffered_fragment()
549 dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr) in dtls1_reassemble_fragment() argument
559 msg_hdr->msg_len > dtls1_max_handshake_message_len(s)) in dtls1_reassemble_fragment()
570 item = pqueue_find(s->d1->buffered_messages, seq64be); in dtls1_reassemble_fragment()
597 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL, in dtls1_reassemble_fragment()
610 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL, in dtls1_reassemble_fragment()
638 item = pqueue_insert(s->d1->buffered_messages, item); in dtls1_reassemble_fragment()
658 dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr) in dtls1_process_out_of_seq_message() argument
674 item = pqueue_find(s->d1->buffered_messages, seq64be); in dtls1_process_out_of_seq_message()
688 if (msg_hdr->seq <= s->d1->handshake_read_seq || in dtls1_process_out_of_seq_message()
689 msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL || in dtls1_process_out_of_seq_message()
690 (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED)) { in dtls1_process_out_of_seq_message()
694 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL, in dtls1_process_out_of_seq_message()
705 return dtls1_reassemble_fragment(s, msg_hdr); in dtls1_process_out_of_seq_message()
708 if (frag_len > dtls1_max_handshake_message_len(s)) in dtls1_process_out_of_seq_message()
721 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL, in dtls1_process_out_of_seq_message()
734 item = pqueue_insert(s->d1->buffered_messages, item); in dtls1_process_out_of_seq_message()
755 static int dtls_get_reassembled_message(SSL *s, int *errtype, size_t *len) in dtls_get_reassembled_message() argument
767 ret = dtls1_retrieve_buffered_fragment(s, &frag_len); in dtls_get_reassembled_message()
773 s->init_num = frag_len; in dtls_get_reassembled_message()
779 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &recvd_type, wire, in dtls_get_reassembled_message()
782 s->rwstate = SSL_READING; in dtls_get_reassembled_message()
788 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, in dtls_get_reassembled_message()
793 memcpy(s->init_buf->data, wire, readbytes); in dtls_get_reassembled_message()
794 s->init_num = readbytes - 1; in dtls_get_reassembled_message()
795 s->init_msg = s->init_buf->data + 1; in dtls_get_reassembled_message()
796 s->s3.tmp.message_type = SSL3_MT_CHANGE_CIPHER_SPEC; in dtls_get_reassembled_message()
797 s->s3.tmp.message_size = readbytes - 1; in dtls_get_reassembled_message()
804 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); in dtls_get_reassembled_message()
819 if (frag_len > RECORD_LAYER_get_rrec_length(&s->rlayer)) { in dtls_get_reassembled_message()
820 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_LENGTH); in dtls_get_reassembled_message()
830 if (msg_hdr.seq != s->d1->handshake_read_seq) { in dtls_get_reassembled_message()
831 *errtype = dtls1_process_out_of_seq_message(s, &msg_hdr); in dtls_get_reassembled_message()
836 *errtype = dtls1_reassemble_fragment(s, &msg_hdr); in dtls_get_reassembled_message()
840 if (!s->server in dtls_get_reassembled_message()
841 && s->d1->r_msg_hdr.frag_off == 0 in dtls_get_reassembled_message()
842 && s->statem.hand_state != TLS_ST_OK in dtls_get_reassembled_message()
850 if (s->msg_callback) in dtls_get_reassembled_message()
851 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, in dtls_get_reassembled_message()
852 wire, DTLS1_HM_HEADER_LENGTH, s, in dtls_get_reassembled_message()
853 s->msg_callback_arg); in dtls_get_reassembled_message()
855 s->init_num = 0; in dtls_get_reassembled_message()
859 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); in dtls_get_reassembled_message()
864 if (!dtls1_preprocess_fragment(s, &msg_hdr)) { in dtls_get_reassembled_message()
871 (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH; in dtls_get_reassembled_message()
873 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL, in dtls_get_reassembled_message()
881 s->rwstate = SSL_READING; in dtls_get_reassembled_message()
894 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_LENGTH); in dtls_get_reassembled_message()
904 *len = s->init_num = frag_len; in dtls_get_reassembled_message()
908 s->init_num = 0; in dtls_get_reassembled_message()
922 int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt) in dtls_construct_change_cipher_spec() argument
924 if (s->version == DTLS1_BAD_VER) { in dtls_construct_change_cipher_spec()
925 s->d1->next_handshake_write_seq++; in dtls_construct_change_cipher_spec()
927 if (!WPACKET_put_bytes_u16(pkt, s->d1->handshake_write_seq)) { in dtls_construct_change_cipher_spec()
928 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in dtls_construct_change_cipher_spec()
941 WORK_STATE dtls_wait_for_dry(SSL *s) in dtls_wait_for_dry() argument
947 ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s)); in dtls_wait_for_dry()
949 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in dtls_wait_for_dry()
960 if (dtls_get_reassembled_message(s, &errtype, &len)) { in dtls_wait_for_dry()
962 SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE); in dtls_wait_for_dry()
966 s->s3.in_read_app_data = 2; in dtls_wait_for_dry()
967 s->rwstate = SSL_READING; in dtls_wait_for_dry()
968 BIO_clear_retry_flags(SSL_get_rbio(s)); in dtls_wait_for_dry()
969 BIO_set_retry_read(SSL_get_rbio(s)); in dtls_wait_for_dry()
976 int dtls1_read_failed(SSL *s, int code) in dtls1_read_failed() argument
979 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in dtls1_read_failed()
983 if (!dtls1_is_timer_expired(s) || ossl_statem_in_error(s)) { in dtls1_read_failed()
991 if (!SSL_in_init(s)) in dtls1_read_failed()
993 BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ); in dtls1_read_failed()
997 return dtls1_handle_timeout(s); in dtls1_read_failed()
1015 int dtls1_retransmit_buffered_messages(SSL *s) in dtls1_retransmit_buffered_messages() argument
1017 pqueue *sent = s->d1->sent_messages; in dtls1_retransmit_buffered_messages()
1027 if (dtls1_retransmit_message(s, (unsigned short) in dtls1_retransmit_buffered_messages()
1037 int dtls1_buffer_message(SSL *s, int is_ccs) in dtls1_buffer_message() argument
1047 if (!ossl_assert(s->init_off == 0)) in dtls1_buffer_message()
1050 frag = dtls1_hm_fragment_new(s->init_num, 0); in dtls1_buffer_message()
1054 memcpy(frag->fragment, s->init_buf->data, s->init_num); in dtls1_buffer_message()
1058 if (!ossl_assert(s->d1->w_msg_hdr.msg_len + in dtls1_buffer_message()
1059 ((s->version == in dtls1_buffer_message()
1061 == (unsigned int)s->init_num)) { in dtls1_buffer_message()
1066 if (!ossl_assert(s->d1->w_msg_hdr.msg_len + in dtls1_buffer_message()
1067 DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num)) { in dtls1_buffer_message()
1073 frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len; in dtls1_buffer_message()
1074 frag->msg_header.seq = s->d1->w_msg_hdr.seq; in dtls1_buffer_message()
1075 frag->msg_header.type = s->d1->w_msg_hdr.type; in dtls1_buffer_message()
1077 frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len; in dtls1_buffer_message()
1081 frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx; in dtls1_buffer_message()
1082 frag->msg_header.saved_retransmit_state.write_hash = s->write_hash; in dtls1_buffer_message()
1083 frag->msg_header.saved_retransmit_state.compress = s->compress; in dtls1_buffer_message()
1084 frag->msg_header.saved_retransmit_state.session = s->session; in dtls1_buffer_message()
1086 DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer); in dtls1_buffer_message()
1104 pqueue_insert(s->d1->sent_messages, item); in dtls1_buffer_message()
1108 int dtls1_retransmit_message(SSL *s, unsigned short seq, int *found) in dtls1_retransmit_message() argument
1123 item = pqueue_find(s->d1->sent_messages, seq64be); in dtls1_retransmit_message()
1125 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in dtls1_retransmit_message()
1138 memcpy(s->init_buf->data, frag->fragment, in dtls1_retransmit_message()
1140 s->init_num = frag->msg_header.msg_len + header_length; in dtls1_retransmit_message()
1142 dtls1_set_message_header_int(s, frag->msg_header.type, in dtls1_retransmit_message()
1148 saved_state.enc_write_ctx = s->enc_write_ctx; in dtls1_retransmit_message()
1149 saved_state.write_hash = s->write_hash; in dtls1_retransmit_message()
1150 saved_state.compress = s->compress; in dtls1_retransmit_message()
1151 saved_state.session = s->session; in dtls1_retransmit_message()
1152 saved_state.epoch = DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer); in dtls1_retransmit_message()
1154 s->d1->retransmitting = 1; in dtls1_retransmit_message()
1157 s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx; in dtls1_retransmit_message()
1158 s->write_hash = frag->msg_header.saved_retransmit_state.write_hash; in dtls1_retransmit_message()
1159 s->compress = frag->msg_header.saved_retransmit_state.compress; in dtls1_retransmit_message()
1160 s->session = frag->msg_header.saved_retransmit_state.session; in dtls1_retransmit_message()
1161 DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, in dtls1_retransmit_message()
1165 ret = dtls1_do_write(s, frag->msg_header.is_ccs ? in dtls1_retransmit_message()
1169 s->enc_write_ctx = saved_state.enc_write_ctx; in dtls1_retransmit_message()
1170 s->write_hash = saved_state.write_hash; in dtls1_retransmit_message()
1171 s->compress = saved_state.compress; in dtls1_retransmit_message()
1172 s->session = saved_state.session; in dtls1_retransmit_message()
1173 DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, saved_state.epoch); in dtls1_retransmit_message()
1175 s->d1->retransmitting = 0; in dtls1_retransmit_message()
1177 (void)BIO_flush(s->wbio); in dtls1_retransmit_message()
1181 void dtls1_set_message_header(SSL *s, in dtls1_set_message_header() argument
1186 s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; in dtls1_set_message_header()
1187 s->d1->next_handshake_write_seq++; in dtls1_set_message_header()
1190 dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq, in dtls1_set_message_header()
1196 dtls1_set_message_header_int(SSL *s, unsigned char mt, in dtls1_set_message_header_int() argument
1200 struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; in dtls1_set_message_header_int()
1210 dtls1_fix_message_header(SSL *s, size_t frag_off, size_t frag_len) in dtls1_fix_message_header() argument
1212 struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; in dtls1_fix_message_header()
1218 static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p) in dtls1_write_message_header() argument
1220 struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; in dtls1_write_message_header()
1243 int dtls1_set_handshake_header(SSL *s, WPACKET *pkt, int htype) in dtls1_set_handshake_header() argument
1248 s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; in dtls1_set_handshake_header()
1249 dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, in dtls1_set_handshake_header()
1250 s->d1->handshake_write_seq, 0, 0); in dtls1_set_handshake_header()
1254 dtls1_set_message_header(s, htype, 0, 0, 0); in dtls1_set_handshake_header()
1267 int dtls1_close_construct_packet(SSL *s, WPACKET *pkt, int htype) in dtls1_close_construct_packet() argument
1277 s->d1->w_msg_hdr.msg_len = msglen - DTLS1_HM_HEADER_LENGTH; in dtls1_close_construct_packet()
1278 s->d1->w_msg_hdr.frag_len = msglen - DTLS1_HM_HEADER_LENGTH; in dtls1_close_construct_packet()
1280 s->init_num = (int)msglen; in dtls1_close_construct_packet()
1281 s->init_off = 0; in dtls1_close_construct_packet()
1285 if (!dtls1_buffer_message(s, htype == SSL3_MT_CHANGE_CIPHER_SPEC in dtls1_close_construct_packet()