The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.
PR:2984
unsigned padding_length, good, to_check, i;
const unsigned overhead = 1 /* padding length byte */ + mac_size;
/* Check if version requires explicit IV */
- if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
+ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
{
/* These lengths are all public so we can test them in
* non-constant time.