summaryrefslogtreecommitdiff
path: root/main/openssl/ssl/d1_lib.c
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2014-10-28 23:07:58 +0100
committerArne Schwabe <arne@rfc2549.org>2014-10-28 23:07:58 +0100
commit192f5b50e32ed14945317325a5465f40abfcc587 (patch)
treec58aa6ba75e3c0acaa4f9d91ab62efecf8d838bc /main/openssl/ssl/d1_lib.c
parent22feeb602f32f1d58f4aa5168b5fc139e086e85d (diff)
Update Openssl to aosp/master (includes useless (for OpenVPN)) SSLv3 Fallback fix
--HG-- extra : rebase_source : 4ec3b7a7844aa1ca198c4538ecdf28f027ceb1b1
Diffstat (limited to 'main/openssl/ssl/d1_lib.c')
-rw-r--r--main/openssl/ssl/d1_lib.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/main/openssl/ssl/d1_lib.c b/main/openssl/ssl/d1_lib.c
index 6bde16fa..82ca6539 100644
--- a/main/openssl/ssl/d1_lib.c
+++ b/main/openssl/ssl/d1_lib.c
@@ -266,6 +266,16 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
case DTLS_CTRL_LISTEN:
ret = dtls1_listen(s, parg);
break;
+ case SSL_CTRL_CHECK_PROTO_VERSION:
+ /* For library-internal use; checks that the current protocol
+ * is the highest enabled version (according to s->ctx->method,
+ * as version negotiation may have changed s->method). */
+#if DTLS_MAX_VERSION != DTLS1_VERSION
+# error Code needs update for DTLS_method() support beyond DTLS1_VERSION.
+#endif
+ /* Just one protocol version is supported so far;
+ * fail closed if the version is not as expected. */
+ return s->version == DTLS_MAX_VERSION;
default:
ret = ssl3_ctrl(s, cmd, larg, parg);