PR: 1751

Submitted by: David Woodhouse <dwmw2@infradead.org> Approved by: steve@openssl.org Compatibility patches for Cisco VPN client DTLS.
author: Dr. Stephen Henson <steve@openssl.org> 2009-04-19 18:03:13 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-04-19 18:03:13 +0000
commit: b452f43322d1a39cc23526948fe67918f0a034a7 (patch)
tree: 97a72ef33fda1db1b317c56e95ab2f6bb8e081f1 /ssl/d1_clnt.c
parent: 52891f832fe4693485efcd939de390065a752e43 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index c151264e56..b2ed383c34 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -130,7 +130,7 @@ static int dtls1_get_hello_verify(SSL *s);
 
 static const SSL_METHOD *dtls1_get_client_method(int ver)
 	{
-	if (ver == DTLS1_VERSION)
+	if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
 		return(DTLSv1_client_method());
 	else
 		return(NULL);
@@ -181,7 +181,8 @@ int dtls1_connect(SSL *s)
 			s->server=0;
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))
+			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
+			    (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
 				{
 				SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
 				ret = -1;
author	Dr. Stephen Henson <steve@openssl.org>	2009-04-19 18:03:13 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-04-19 18:03:13 +0000
commit	b452f43322d1a39cc23526948fe67918f0a034a7 (patch)
tree	97a72ef33fda1db1b317c56e95ab2f6bb8e081f1 /ssl/d1_clnt.c
parent	52891f832fe4693485efcd939de390065a752e43 (diff)