--- openssl-0.9.8d.orig/ssl/d1_srvr.c	2005-12-05 19:32:19.000000000 +0200
+++ openssl-0.9.8d/ssl/d1_srvr.c	2007-01-21 15:11:50.537653785 +0200
@@ -619,18 +623,19 @@ int dtls1_send_hello_verify_request(SSL 
 		{
 		buf = (unsigned char *)s->init_buf->data;
 
+		if ( s->ctx->app_gen_cookie_cb != NULL &&
+		    s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 
+			&(s->d1->cookie_len)) == 0)
+		    {
+				SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTERNAL_ERROR);
+		    return 0;
+		    }
+
 		msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
 		*(p++) = s->version >> 8;
 		*(p++) = s->version & 0xFF;
-
 		*(p++) = (unsigned char) s->d1->cookie_len;
-        if ( s->ctx->app_gen_cookie_cb != NULL &&
-            s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 
-                &(s->d1->cookie_len)) == 0)
-            {
-			SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTERNAL_ERROR);
-            return 0;
-            }
+
         /* else the cookie is assumed to have 
          * been initialized by the application */