#ifndef OPENSSL_NO_TLSEXT
/* TLS extensions*/
- if (s->version > SSL3_VERSION)
+ if (s->version > SSL3_VERSION && s->version != DTLS1_VERSION && s->version != DTLS1_BAD_VER)
{
if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
{
goto err;
}
}
+
+ /* DTLS extensions */
+ if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
+ {
+ if (!ssl_parse_serverhello_dtlsext(s,&p,d,n, &al))
+ {
+ /* 'al' set by ssl_parse_serverhello_dtlsext */
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLSEXT);
+ goto f_err;
+ }
+ }
#endif
if (p != (d+n))