int extdatalen=0;
unsigned char *ret = p;
+ /* don't add extensions for SSLv3 */
+ if (s->client_version == SSL3_VERSION)
+ return p;
+
ret+=2;
if (ret>=limit) return NULL; /* this really never occurs, but ... */
int extdatalen=0;
unsigned char *ret = p;
+ /* don't add extensions for SSLv3 */
+ if (s->version == SSL3_VERSION)
+ return p;
+
ret+=2;
if (ret>=limit) return NULL; /* this really never occurs, but ... */
* Note: this must be called after servername callbacks in case
* the certificate has changed.
*/
- if ((s->tlsext_status_type != -1) && s->ctx->tlsext_status_cb)
+ if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb)
{
int r;
r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
return 1;
if (p >= limit)
return -1;
+ /* Skip past DTLS cookie */
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+ {
+ i = *(p++);
+ p+= i;
+ if (p >= limit)
+ return -1;
+ }
/* Skip past cipher list */
n2s(p, i);
p+= i;