Fix SSL_export_keying_material() for DTLS1_BAD_VER

Commit d8e8590e ("Fix missing return value checks in SCTP") made the DTLS handshake fail, even for non-SCTP connections, if SSL_export_keying_material() fails. Which it does, for DTLS1_BAD_VER. Apply the trivial fix to make it succeed, since there's no real reason why it shouldn't even though we never need it. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit c8a18468caef4d62778381be0acdadc8a88d6e51)
author: David Woodhouse <David.Woodhouse@intel.com> 2016-07-08 20:46:07 +0100
committer: Matt Caswell <matt@openssl.org> 2016-08-26 13:44:11 +0100
commit: df426c06919e9d30fa9b226c15d24a25c2b90c93 (patch)
tree: c02cbd38fdddaff6a1885ca90b1448883c0dc85b
parent: 847fe929108da550b506594f52fa1875ea815723 (diff)
download: openssl-df426c06919e9d30fa9b226c15d24a25c2b90c93.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a707612fb0..42b980ac26 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1828,7 +1828,7 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                const unsigned char *p, size_t plen,
                                int use_context)
 {
-    if (s->version < TLS1_VERSION)
+    if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
         return -1;
 
     return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
author	David Woodhouse <David.Woodhouse@intel.com>	2016-07-08 20:46:07 +0100
committer	Matt Caswell <matt@openssl.org>	2016-08-26 13:44:11 +0100
commit	df426c06919e9d30fa9b226c15d24a25c2b90c93 (patch)
tree	c02cbd38fdddaff6a1885ca90b1448883c0dc85b
parent	847fe929108da550b506594f52fa1875ea815723 (diff)
download	openssl-df426c06919e9d30fa9b226c15d24a25c2b90c93.tar.gz