Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org

Compatibility patches for Cisco VPN client DTLS.
Dr. Stephen Henson
2009-04-19 18:08:12 +00:00
parent 00d5a5ff55
commit a224fe14e9
8 changed files with 26 additions and 12 deletions


@@ -765,10 +765,10 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac,mac_sec,EVP_MD_size(hash),hash,NULL);
if (ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER)
if (ssl->version == DTLS1_BAD_VER ||
(ssl->version == DTLS1_VERSION && ssl->client_version != DTLS1_BAD_VER))
{
unsigned char dtlsseq[8],*p=dtlsseq;
s2n(send?ssl->d1->w_epoch:ssl->d1->r_epoch, p);
memcpy (p,&seq[2],6);
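Review bot: The widened condition in tls1_mac has no comment saying which sessions take the epoch-plus-sequence MAC input built in `dtlsseq`, and that is no longer easy to read off: `ssl->version == DTLS1_BAD_VER` now takes this branch, while `ssl->version == DTLS1_VERSION` with `ssl->client_version == DTLS1_BAD_VER` still skips it. These eight bytes are what tie each record's MAC to its epoch and sequence number, so a mistake in this test surfaces as failed record authentication or weakened replay binding rather than as an obvious error. I would add a comment above the `if`, for example `/* DTLS, including DTLS1_BAD_VER (Cisco compat): MAC over epoch || low 6 bytes of seq; excluded: DTLS1_VERSION sessions whose client offered DTLS1_BAD_VER */`. The following hunk spells the same version check as `SSL_version(ssl)` rather than `ssl->version`; one spelling in both places would make the two conditions easier to compare. The body of tls1_mac starts and ends outside this hunk, so the branch taken when the condition is false is not visible here.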
@@ -793,7 +793,7 @@ printf("rec=");
{unsigned int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
#endif
if ( SSL_version(ssl) != DTLS1_VERSION)
if ( SSL_version(ssl) != DTLS1_VERSION && SSL_version(ssl) != DTLS1_BAD_VER)
{
for (i=7; i>=0; i--)
{