diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-06-27 14:22:11 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-06-27 14:22:11 +0000 |
commit | b4b15f68c01c4bf4557db5ff6180623411540b52 (patch) | |
tree | dc8969be13937ea8b79125e68494497474c2b1ab /ssl/s23_srvr.c | |
parent | 1eb1cf452b1263373ff3f7c91b9419adca8c3ba8 (diff) |
Backport TLS v1.1 support from HEAD, ssl/ changes
Diffstat (limited to 'ssl/s23_srvr.c')
-rw-r--r-- | ssl/s23_srvr.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 836dd1f1cf..390b99bf56 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -128,6 +128,8 @@ static const SSL_METHOD *ssl23_get_server_method(int ver) return(SSLv3_server_method()); else if (ver == TLS1_VERSION) return(TLSv1_server_method()); + else if (ver == TLS1_1_VERSION) + return(TLSv1_1_server_method()); else return(NULL); } @@ -283,7 +285,13 @@ int ssl23_get_client_hello(SSL *s) /* SSLv3/TLSv1 */ if (p[4] >= TLS1_VERSION_MINOR) { - if (!(s->options & SSL_OP_NO_TLSv1)) + if (p[4] >= TLS1_1_VERSION_MINOR && + !(s->options & SSL_OP_NO_TLSv1_1)) + { + s->version=TLS1_1_VERSION; + s->state=SSL23_ST_SR_CLNT_HELLO_B; + } + else if (!(s->options & SSL_OP_NO_TLSv1)) { s->version=TLS1_VERSION; /* type=2; */ /* done later to survive restarts */ @@ -350,7 +358,13 @@ int ssl23_get_client_hello(SSL *s) v[1]=p[10]; /* minor version according to client_version */ if (v[1] >= TLS1_VERSION_MINOR) { - if (!(s->options & SSL_OP_NO_TLSv1)) + if (v[1] >= TLS1_1_VERSION_MINOR && + !(s->options & SSL_OP_NO_TLSv1_1)) + { + s->version=TLS1_1_VERSION; + type=3; + } + else if (!(s->options & SSL_OP_NO_TLSv1)) { s->version=TLS1_VERSION; type=3; @@ -568,7 +582,9 @@ int ssl23_get_client_hello(SSL *s) s->s3->rbuf.offset=0; } - if (s->version == TLS1_VERSION) + if (s->version == TLS1_1_VERSION) + s->method = TLSv1_1_server_method(); + else if (s->version == TLS1_VERSION) s->method = TLSv1_server_method(); else s->method = SSLv3_server_method(); |