Update from 1.0.0-stable.

author: Dr. Stephen Henson <steve@openssl.org> 2009-05-16 11:16:43 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-05-16 11:16:43 +0000
commit: 48fd490c6d3c0e5dcfb2f2464ce84adb6bc3ec7e (patch)
tree: 20263fd22bf82b9f20af6fd5b6286c1b6466f208 /ssl
parent: 9289f21b7d2985087c826188bd2efc92cbd9cb85 (diff)
2 files changed, 3 insertions, 3 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 6450c1de85..58ea86304f 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -203,6 +203,9 @@ const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
 		{
 		if (ciph->algorithm_enc == SSL_RC4)
 			return NULL;
+		/* We currently don't support ECDH either */
+		if (ciph->algorithm_mkey & SSL_kEECDH)
+			return NULL;
 		}
 
 	return ciph;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index df808e817b..7b911ae1ea 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1343,9 +1343,6 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
 		    s->psk_client_callback == NULL)
 			continue;
 #endif /* OPENSSL_NO_PSK */
-		/* DTLS doesn't currently support ECDHE */
-		if ((s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) && (c->algorithm_mkey & SSL_kEECDH))
-			continue;
 		j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
 		p+=j;
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2009-05-16 11:16:43 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-05-16 11:16:43 +0000
commit	48fd490c6d3c0e5dcfb2f2464ce84adb6bc3ec7e (patch)
tree	20263fd22bf82b9f20af6fd5b6286c1b6466f208 /ssl
parent	9289f21b7d2985087c826188bd2efc92cbd9cb85 (diff)