DTLS version usage fixes.

Make DTLS behave like TLS when negotiating version: record layer has
DTLS 1.0, message version is 1.2.

Tolerate different version numbers if version hasn't been negotiated
yet.
Dr. Stephen Henson 2013-09-17 18:10:37 +01:00
parent 7d3ba88a98
commit 40088d8b81
2 changed files with 2 additions and 4 deletions


@ -1557,9 +1557,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
* we haven't decided which version to use yet send back using
* version 1.0 header: otherwise some clients will ignore it.
*/
if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B
&& s->method->version == DTLS_ANY_VERSION
&& s->client_version == DTLS1_VERSION)
if (s->method->version == DTLS_ANY_VERSION)
{
*(p++)=DTLS1_VERSION>>8;
*(p++)=DTLS1_VERSION&0xff;
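Review bot: The comment ending just above `if (s->method->version == DTLS_ANY_VERSION)` no longer matches the condition. With the state and client_version checks removed, the DTLS 1.0 record header is written for every record sent while the method is version-flexible, not only for the single reply that the visible comment lines describe ("otherwise some clients will ignore it"). I would reword it along the lines of `/* Version not negotiated yet: send a DTLS 1.0 record header, as TLS does during negotiation. */`. The branch appears to rely on s->method being replaced by a fixed-version method once negotiation completes, since otherwise later records would keep the 1.0 header; that is not visible in this hunk, so it should be confirmed and stated in the comment. The comment's opening line and the rest of do_dtls1_write lie outside the hunk.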


@ -928,7 +928,7 @@ int ssl3_get_server_hello(SSL *s)
/* Hello verify request and/or server hello version may not
* match so set first packet if we're negotiating version.
*/
if (s->method->version == DTLS_ANY_VERSION)
if (SSL_IS_DTLS(s))
s->first_packet = 1;
n=s->method->ssl_get_message(s,