Compare encodings in X509_cmp as well as hash.

[openssl.git] / ssl / d1_lib.c

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 16bafa3560aaf5e6a9445725e8abc53ad00f4a0b..2b066e01651e396715c1730ac4561db9148c362c 100644 (file)
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -73,7 +73,7 @@ const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT;
 int dtls1_listen(SSL *s, struct sockaddr *client);
 
 SSL3_ENC_METHOD DTLSv1_enc_data={
-    dtls1_enc,
+       tls1_enc,
        tls1_mac,
        tls1_setup_key_block,
        tls1_generate_master_secret,
@@ -92,7 +92,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data={
        };
 
 SSL3_ENC_METHOD DTLSv1_2_enc_data={
-    dtls1_enc,
+       tls1_enc,
        tls1_mac,
        tls1_setup_key_block,
        tls1_generate_master_secret,
@@ -104,7 +104,8 @@ SSL3_ENC_METHOD DTLSv1_2_enc_data={
        TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
        tls1_alert_code,
        tls1_export_keying_material,
-       SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF,
+       SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS
+               |SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS,
        DTLS1_HM_HEADER_LENGTH,
        dtls1_set_handshake_header,
        dtls1_handshake_write   
@@ -221,6 +222,7 @@ void dtls1_free(SSL *s)
        pqueue_free(s->d1->buffered_app_data.q);
 
        OPENSSL_free(s->d1);
+       s->d1 = NULL;
        }
 
 void dtls1_clear(SSL *s)
@@ -265,6 +267,8 @@ void dtls1_clear(SSL *s)
        ssl3_clear(s);
        if (s->options & SSL_OP_CISCO_ANYCONNECT)
                s->version=DTLS1_BAD_VER;
+       else if (s->method->version == DTLS_ANY_VERSION)
+               s->version=DTLS1_2_VERSION;
        else
                s->version=s->method->version;
        }
@@ -524,5 +528,3 @@ static int dtls1_handshake_write(SSL *s)
        {
        return dtls1_do_write(s, SSL3_RT_HANDSHAKE);
        }
-       
-