Enable TLS 1.2 ciphers in DTLS 1.2.

Port TLS 1.2 GCM code to DTLS. Enable use of TLS 1.2 only ciphers when in DTLS 1.2 mode too. (cherry picked from commit 4221c0dd3004117c63b182af5e8ab345b7265902)
author: Dr. Stephen Henson <steve@openssl.org> 2013-03-27 19:54:48 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2013-09-18 13:46:02 +0100
commit: b60b9e7afe649a564db13dbf10ca571e973844c1 (patch)
tree: cb50a28c6410f8cdcc9e172d213c49e4abc410e2 /ssl/d1_both.c
parent: 919834dc847d0652c58da641f867fe21ad2774ac (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 262299b154..f7947bd988 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -272,12 +272,17 @@ int dtls1_do_write(SSL *s, int type)
 			(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
 
 	if (s->write_hash)
-		mac_size = EVP_MD_CTX_size(s->write_hash);
+		{
+		if (s->enc_write_ctx && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE)
+			mac_size = 0;
+		else
+			mac_size = EVP_MD_CTX_size(s->write_hash);
+		}
 	else
 		mac_size = 0;
 
 	if (s->enc_write_ctx && 
-		(EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
+		(EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE))
 		blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
 	else
 		blocksize = 0;
author	Dr. Stephen Henson <steve@openssl.org>	2013-03-27 19:54:48 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2013-09-18 13:46:02 +0100
commit	b60b9e7afe649a564db13dbf10ca571e973844c1 (patch)
tree	cb50a28c6410f8cdcc9e172d213c49e4abc410e2 /ssl/d1_both.c
parent	919834dc847d0652c58da641f867fe21ad2774ac (diff)