16211866 problem in UTILITY/OPENSSL
16339858 Check DTLS_BAD_VER for version number
--- openssl-1.0.0k/ssl/s3_cbc.c.orig 2013-02-05 03:58:46.000000000 -0800
+++ openssl-1.0.0k/ssl/s3_cbc.c 2013-02-27 17:25:37.618740089 -0800
@@ -137,7 +137,8 @@
unsigned mac_size)
{
unsigned padding_length, good, to_check, i;
- const char has_explicit_iv = s->version == DTLS1_VERSION;
+ const char has_explicit_iv =
+ (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER);
const unsigned overhead = 1 /* padding length byte */ +
mac_size +
(has_explicit_iv ? block_size : 0);