PR: 2115

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Approved by: steve@openssl.org Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
author: Dr. Stephen Henson <steve@openssl.org> 2009-12-01 17:40:46 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-12-01 17:40:46 +0000
commit: 82e448b92b856ba610b5f92a714c66d60f93b1c1 (patch)
tree: 127ef0f44a419a79f11abd6b30699f777514a1d1 /ssl/s3_srvr.c
parent: b172352b52f224de091651bc80e67791664fb961 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index c698513a09..a685fd5f0b 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -957,7 +957,7 @@ int ssl3_get_client_hello(SSL *s)
 
 #ifndef OPENSSL_NO_TLSEXT
 	/* TLS extensions*/
-	if (s->version > SSL3_VERSION)
+	if (s->version > SSL3_VERSION && s->version != DTLS1_VERSION && s->version != DTLS1_BAD_VER)
 		{
 		if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
 			{
@@ -970,6 +970,17 @@ int ssl3_get_client_hello(SSL *s)
 			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
 			goto err;
 		}
+
+	/* DTLS extensions */
+	if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+		{
+		if (!ssl_parse_clienthello_dtlsext(s,&p,d,n, &al))
+			{
+				/* 'al' set by ssl_parse_clienthello_dtlsext */
+				SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLSEXT);
+				goto f_err;
+			}
+		}
 #endif
 	/* Worst case, we will use the NULL compression, but if we have other
 	 * options, we will now look for them.  We have i-1 compression
author	Dr. Stephen Henson <steve@openssl.org>	2009-12-01 17:40:46 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-12-01 17:40:46 +0000
commit	82e448b92b856ba610b5f92a714c66d60f93b1c1 (patch)
tree	127ef0f44a419a79f11abd6b30699f777514a1d1 /ssl/s3_srvr.c
parent	b172352b52f224de091651bc80e67791664fb961 (diff)