From: Hiroyuki YAMAMORI <h-yamamo@db3.so-net.ne.jp>
Date: Wed, 26 Aug 2015 14:06:22 +0000 (+0100)
Subject: Fix DTLS1.2 compression
X-Git-Tag: OpenSSL_1_0_2e~104
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=31472acf61fce8bbc39390ca96ff2f9da2dfafb8;p=oweals%2Fopenssl.git

Fix DTLS1.2 compression

Backport of equivalent fix from master. The only compression
method is stateful and hence incompatible with DTLS. The DTLS
test was not working for DTLS1.2

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c0931e7877..d72756a957 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1980,7 +1980,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 
     ret->extra_certs = NULL;
     /* No compression for DTLS */
-    if (meth->version != DTLS1_VERSION)
+    if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
         ret->comp_methods = SSL_COMP_get_compression_methods();
 
     ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;