PR: 2115

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
author: Dr. Stephen Henson <steve@openssl.org> 2009-12-01 17:40:46 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-12-01 17:40:46 +0000
commit: 82e448b92b856ba610b5f92a714c66d60f93b1c1 (patch)
tree: 127ef0f44a419a79f11abd6b30699f777514a1d1 /ssl/s3_clnt.c
parent: b172352b52f224de091651bc80e67791664fb961 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 9929d0c92c..d738afbff4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -861,7 +861,7 @@ int ssl3_get_server_hello(SSL *s)
 #endif
 #ifndef OPENSSL_NO_TLSEXT
 	/* TLS extensions*/
-	if (s->version > SSL3_VERSION)
+	if (s->version > SSL3_VERSION && s->version != DTLS1_VERSION && s->version != DTLS1_BAD_VER)
 		{
 		if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
 			{
@@ -875,6 +875,17 @@ int ssl3_get_server_hello(SSL *s)
 				goto err;
 			}
 		}
+
+	/* DTLS extensions */
+	if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+	{
+		if (!ssl_parse_serverhello_dtlsext(s,&p,d,n, &al))
+		{
+			/* 'al' set by ssl_parse_serverhello_dtlsext */
+			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLSEXT);
+			goto f_err;
+		}
+	}
 #endif
author	Dr. Stephen Henson <steve@openssl.org>	2009-12-01 17:40:46 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-12-01 17:40:46 +0000
commit	82e448b92b856ba610b5f92a714c66d60f93b1c1 (patch)
tree	127ef0f44a419a79f11abd6b30699f777514a1d1 /ssl/s3_clnt.c
parent	b172352b52f224de091651bc80e67791664fb961 (diff)