Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / openssl / ff41a4bc41ae1e1391f9b05117623ff70b985983^! / . / ssl / ssl_lib.c
commitff41a4bc41ae1e1391f9b05117623ff70b985983[log] [tgz]
authorKenny Root <kroot@google.com>Tue Jan 07 10:19:10 2014 -0800
committerKenny Root <kroot@google.com>Wed Jan 08 13:39:40 2014 -0800
tree93bb31a6e63d94176f4f979e447e9c33bd7a4724
parentaf55dde627407177a5aa92a7077672dadab4d587 [diff] [blame]
Import OpenSSL 1.0.1f

Upgrade to the new OpenSSL 1.0.1f release. SHA-1 hash of file:
9ef09e97dfc9f14ac2c042f3b7e301098794fc0f  openssl-1.0.1f.tar.gz

Some changes had to be made to the existing source:

Fixed the import script to work with "sh -x" for debugging problems.

Update some of the files from patches/ to work with 1.0.1f, because
1.0.1f fixes have used some of the constants that were used (0x20L was
changed to 0x80L and 0x40L was changed to 0x100L).

Delete the "Makefile.save" files that are newly present in the
OpenSSL 1.0.1f release tarball.

Change-Id: Ib0f13b91e863157da23ec1d736ff2d788897d9f1

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1a3ceea..7452386 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -1911,7 +1911,9 @@
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
 
 	ret->extra_certs=NULL;
-	ret->comp_methods=SSL_COMP_get_compression_methods();
+	/* No compression for DTLS */
+	if (meth->version != DTLS1_VERSION)
+		ret->comp_methods=SSL_COMP_get_compression_methods();
 
 	ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
 
@@ -2945,9 +2947,7 @@
 /* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
 	{
-	if (s->server)
-		return(ssl_get_server_send_cert(s));
-	else if (s->cert != NULL)
+	if (s->cert != NULL)
 		return(s->cert->key->x509);
 	else
 		return(NULL);