--- openssl-0.9.8d.orig/ssl/d1_srvr.c 2005-12-05 19:32:19.000000000 +0200 +++ openssl-0.9.8d/ssl/d1_srvr.c 2007-01-21 15:11:50.537653785 +0200 @@ -619,18 +623,19 @@ int dtls1_send_hello_verify_request(SSL { buf = (unsigned char *)s->init_buf->data; + if ( s->ctx->app_gen_cookie_cb != NULL && + s->ctx->app_gen_cookie_cb(s, s->d1->cookie, + &(s->d1->cookie_len)) == 0) + { + SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTERNAL_ERROR); + return 0; + } + msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]); *(p++) = s->version >> 8; *(p++) = s->version & 0xFF; - *(p++) = (unsigned char) s->d1->cookie_len; - if ( s->ctx->app_gen_cookie_cb != NULL && - s->ctx->app_gen_cookie_cb(s, s->d1->cookie, - &(s->d1->cookie_len)) == 0) - { - SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTERNAL_ERROR); - return 0; - } + /* else the cookie is assumed to have * been initialized by the application */