Check DTLS_BAD_VER for version number.

The version check for DTLS1_VERSION was redundant as DTLS1_VERSION > TLS1_1_VERSION, however we do need to check for DTLS1_BAD_VER for compatibility. PR:2984 (cherry picked from commit d980abb22e22661e98e5cee33d760ab0c7584ecc)
author: David Woodhouse <dwmw2@infradead.org> 2013-02-12 14:55:32 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2013-02-12 15:16:05 +0000
commit: 9fe4603b8245425a4c46986ed000fca054231253 (patch)
tree: 8a6ea62147b7139d0da20745d4ae7613526129da /ssl
parent: 147dbb2fe3bead7a10e2f280261b661ce7af7adc (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index 02edf3f918..443a31e746 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s,
 	unsigned padding_length, good, to_check, i;
 	const unsigned overhead = 1 /* padding length byte */ + mac_size;
 	/* Check if version requires explicit IV */
-	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
+	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
 		{
 		/* These lengths are all public so we can test them in
 		 * non-constant time.
author	David Woodhouse <dwmw2@infradead.org>	2013-02-12 14:55:32 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2013-02-12 15:16:05 +0000
commit	9fe4603b8245425a4c46986ed000fca054231253 (patch)
tree	8a6ea62147b7139d0da20745d4ae7613526129da /ssl
parent	147dbb2fe3bead7a10e2f280261b661ce7af7adc (diff)