PR: 1751

Submitted by: David Woodhouse <dwmw2@infradead.org> Approved by: steve@openssl.org Compatibility patches for Cisco VPN client DTLS.
author: Dr. Stephen Henson <steve@openssl.org> 2009-04-19 18:03:13 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-04-19 18:03:13 +0000
commit: b452f43322d1a39cc23526948fe67918f0a034a7 (patch)
tree: 97a72ef33fda1db1b317c56e95ab2f6bb8e081f1 /ssl/s3_pkt.c
parent: 52891f832fe4693485efcd939de390065a752e43 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 2ae6b59402..77cf037eed 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -177,8 +177,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
 		}
 
 	/* extend reads should not span multiple packets for DTLS */
-	if ( SSL_version(s) == DTLS1_VERSION &&
-		extend)
+	if ( (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+	     &&	extend)
 		{
 		if ( left > 0 && n > left)
 			n = left;
@@ -836,7 +836,8 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
 			return(s->s3->wpend_ret);
 			}
 		else if (i <= 0) {
-			if (s->version == DTLS1_VERSION) {
+			if (s->version == DTLS1_VERSION ||
+			    s->version == DTLS1_BAD_VER) {
 				/* For DTLS, just drop it. That's kind of the whole
 				   point in using a datagram service */
 				wb->left = 0;
author	Dr. Stephen Henson <steve@openssl.org>	2009-04-19 18:03:13 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-04-19 18:03:13 +0000
commit	b452f43322d1a39cc23526948fe67918f0a034a7 (patch)
tree	97a72ef33fda1db1b317c56e95ab2f6bb8e081f1 /ssl/s3_pkt.c
parent	52891f832fe4693485efcd939de390065a752e43 (diff)