Update from 1.0.0-stable.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 16 May 2009 11:16:43 +0000 (11:16 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 16 May 2009 11:16:43 +0000 (11:16 +0000)
ssl/d1_lib.c
ssl/ssl_lib.c

index 6450c1de850b2d3e63b7b1dac2e902c43b9f7153..58ea86304f37c8c872fb2a7110f597f0d41beff8 100644 (file)
@@ -203,6 +203,9 @@ const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
                {
                if (ciph->algorithm_enc == SSL_RC4)
                        return NULL;
+               /* We currently don't support ECDH either */
+               if (ciph->algorithm_mkey & SSL_kEECDH)
+                       return NULL;
                }
 
        return ciph;
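Review bot: The added comment in dtls1_get_cipher says ECDH is unsupported, but the test `ciph->algorithm_mkey & SSL_kEECDH` matches only ephemeral ECDH, so suites using static ECDH key exchange (`SSL_kECDHr`, `SSL_kECDHe`) are still returned. If only ECDHE is meant to be excluded, the comment should read `/* We currently don't support ECDHE either */`; if all ECDH key exchange is unsupported over DTLS, the mask should be widened to `if (ciph->algorithm_mkey & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))`. Which of the two is intended cannot be told from the hunk, and the condition that guards this block, as well as the start of the function, lies outside it. Since this lookup now appears to be the only place that keeps the suites out of DTLS, the comment should also state why they are excluded, so the check is not dropped by accident later.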
index df808e817b5e5c42b9e7b88708699fb781c0d3f0..7b911ae1eac610d591688c174f45e14651dc3c92 100644 (file)
@@ -1343,9 +1343,6 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
                    s->psk_client_callback == NULL)
                        continue;
 #endif /* OPENSSL_NO_PSK */
-               /* DTLS doesn't currently support ECDHE */
-               if ((s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) && (c->algorithm_mkey & SSL_kEECDH))
-                       continue;
                j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
                p+=j;
                }