From a33de30073bfa0ee1abba186dba9fa52cf0aa23a Mon Sep 17 00:00:00 2001
From: marha <marha@users.sourceforge.net>
Date: Fri, 15 Jun 2012 14:04:46 +0200
Subject: Updated to following packages: freetype-2.4.10 libXaw-1.0.11
 openssl-1.0.1c

---
 openssl/ssl/s3_pkt.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'openssl/ssl/s3_pkt.c')

diff --git a/openssl/ssl/s3_pkt.c b/openssl/ssl/s3_pkt.c
index 3c56a8693..adf8c387c 100644
--- a/openssl/ssl/s3_pkt.c
+++ b/openssl/ssl/s3_pkt.c
@@ -664,10 +664,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	if (	(sess == NULL) ||
 		(s->enc_write_ctx == NULL) ||
 		(EVP_MD_CTX_md(s->write_hash) == NULL))
+		{
+#if 1
+		clear=s->enc_write_ctx?0:1;	/* must be AEAD cipher */
+#else
 		clear=1;
-
-	if (clear)
+#endif
 		mac_size=0;
+		}
 	else
 		{
 		mac_size=EVP_MD_CTX_size(s->write_hash);
@@ -736,7 +740,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	wr->type=type;
 
 	*(p++)=(s->version>>8);
-	*(p++)=s->version&0xff;
+	/* Some servers hang if iniatial client hello is larger than 256
+	 * bytes and record version number > TLS 1.0
+	 */
+	if (s->state == SSL3_ST_CW_CLNT_HELLO_B
+				&& TLS1_get_version(s) > TLS1_VERSION)
+		*(p++) = 0x1;
+	else
+		*(p++)=s->version&0xff;
 
 	/* field where we are to write out packet length */
 	plen=p; 
-- 
cgit v1.2.3