Update from stable branch.

author: Dr. Stephen Henson <steve@openssl.org> 2009-05-13 16:38:51 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-05-13 16:38:51 +0000
commit: 6f71e5ee6af9db9c565456018ff6af81560bb98a (patch)
tree: 68ad631a20d6dbe0b3765768e2d6627e4398f85f /ssl
parent: 715feb3104d16cd49495c6e5ff3ef7be8ac2e355 (diff)
2 files changed, 7 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 7b911ae1ea..df808e817b 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1343,6 +1343,9 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
 		    s->psk_client_callback == NULL)
 			continue;
 #endif /* OPENSSL_NO_PSK */
+		/* DTLS doesn't currently support ECDHE */
+		if ((s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) && (c->algorithm_mkey & SSL_kEECDH))
+			continue;
 		j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
 		p+=j;
 		}
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index 26dee73bfa..070161021b 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -117,6 +117,10 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
 		s="SSLv3";
 	else if (x->ssl_version == TLS1_VERSION)
 		s="TLSv1";
+	else if (x->ssl_version == DTLS1_VERSION)
+		s="DTLSv1";
+	else if (x->ssl_version == DTLS1_BAD_VER)
+		s="DTLSv1-bad";
 	else
 		s="unknown";
 	if (BIO_printf(bp,"    Protocol  : %s\n",s) <= 0) goto err;
author	Dr. Stephen Henson <steve@openssl.org>	2009-05-13 16:38:51 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-05-13 16:38:51 +0000
commit	6f71e5ee6af9db9c565456018ff6af81560bb98a (patch)
tree	68ad631a20d6dbe0b3765768e2d6627e4398f85f /ssl
parent	715feb3104d16cd49495c6e5ff3ef7be8ac2e355 (diff)