diff options
Diffstat (limited to 'openssl/ssl/s3_pkt.c')
| -rw-r--r-- | openssl/ssl/s3_pkt.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/openssl/ssl/s3_pkt.c b/openssl/ssl/s3_pkt.c index 3c56a8693..adf8c387c 100644 --- a/openssl/ssl/s3_pkt.c +++ b/openssl/ssl/s3_pkt.c @@ -664,10 +664,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, if ( (sess == NULL) || (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL)) + { +#if 1 + clear=s->enc_write_ctx?0:1; /* must be AEAD cipher */ +#else clear=1; - - if (clear) +#endif mac_size=0; + } else { mac_size=EVP_MD_CTX_size(s->write_hash); @@ -736,7 +740,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, wr->type=type; *(p++)=(s->version>>8); - *(p++)=s->version&0xff; + /* Some servers hang if iniatial client hello is larger than 256 + * bytes and record version number > TLS 1.0 + */ + if (s->state == SSL3_ST_CW_CLNT_HELLO_B + && TLS1_get_version(s) > TLS1_VERSION) + *(p++) = 0x1; + else + *(p++)=s->version&0xff; /* field where we are to write out packet length */ plen=p; |