PR: 1751

Submitted by: David Woodhouse <dwmw2@infradead.org> Approved by: steve@openssl.org Compatibility patches for Cisco VPN client DTLS.
author: Dr. Stephen Henson <steve@openssl.org> 2009-04-19 18:08:12 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-04-19 18:08:12 +0000
commit: a224fe14e92e6d49ee1fb1c4eafbe224da3a677a (patch)
tree: a04f9800e792d808da6413a3a5564fc1255ecf45 /ssl/d1_clnt.c
parent: 00d5a5ff55655e2b7b382dbfc2c1dceff51cdc2d (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 950aca4c2c..a6111db917 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -130,7 +130,7 @@ static int dtls1_get_hello_verify(SSL *s);
 
 static SSL_METHOD *dtls1_get_client_method(int ver)
 	{
-	if (ver == DTLS1_VERSION)
+	if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
 		return(DTLSv1_client_method());
 	else
 		return(NULL);
@@ -181,7 +181,8 @@ int dtls1_connect(SSL *s)
 			s->server=0;
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
-			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00))
+			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
+			    (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
 				{
 				SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
 				ret = -1;
author	Dr. Stephen Henson <steve@openssl.org>	2009-04-19 18:08:12 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-04-19 18:08:12 +0000
commit	a224fe14e92e6d49ee1fb1c4eafbe224da3a677a (patch)
tree	a04f9800e792d808da6413a3a5564fc1255ecf45 /ssl/d1_clnt.c
parent	00d5a5ff55655e2b7b382dbfc2c1dceff51cdc2d (diff)