--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/openssl-1.0.1-fips-140/patches/31_dtls_version.patch Tue Dec 17 16:11:49 2013 -0800
@@ -0,0 +1,11 @@
+--- openssl-1.0.1e/ssl/s3_cbc.c 2013-02-14 08:06:58.000000000 -0800
++++ openssl-1.0.1e/ssl/s3_cbc.c.orig 2013-02-14 03:04:08.440194448 -0700
+@@ -148,7 +148,7 @@
+ unsigned padding_length, good, to_check, i;
+ const unsigned overhead = 1 /* padding length byte */ + mac_size;
+ /* Check if version requires explicit IV */
+- if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
++ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
+ {
+ /* These lengths are all public so we can test them in
+ * non-constant time.