Loading ssl/d1_both.c +7 −2 Original line number Diff line number Diff line Loading @@ -272,12 +272,17 @@ int dtls1_do_write(SSL *s, int type) (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); if (s->write_hash) { if (s->enc_write_ctx && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE) mac_size = 0; else mac_size = EVP_MD_CTX_size(s->write_hash); } else mac_size = 0; if (s->enc_write_ctx && (EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)) blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); else blocksize = 0; Loading ssl/d1_lib.c +4 −3 Original line number Diff line number Diff line Loading @@ -73,7 +73,7 @@ const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT; int dtls1_listen(SSL *s, struct sockaddr *client); SSL3_ENC_METHOD DTLSv1_enc_data={ dtls1_enc, tls1_enc, tls1_mac, tls1_setup_key_block, tls1_generate_master_secret, Loading @@ -92,7 +92,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data={ }; SSL3_ENC_METHOD DTLSv1_2_enc_data={ dtls1_enc, tls1_enc, tls1_mac, tls1_setup_key_block, tls1_generate_master_secret, Loading @@ -104,7 +104,8 @@ SSL3_ENC_METHOD DTLSv1_2_enc_data={ TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, tls1_alert_code, tls1_export_keying_material, SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF, SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS |SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, DTLS1_HM_HEADER_LENGTH, dtls1_set_handshake_header, dtls1_handshake_write Loading ssl/d1_pkt.c +24 −22 Original line number Diff line number Diff line Loading 
@@ -1466,10 +1466,10 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, unsigned char *p,*pseq; int i,mac_size,clear=0; int prefix_len = 0; int eivlen; SSL3_RECORD *wr; SSL3_BUFFER *wb; SSL_SESSION *sess; int bs; /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ Loading Loading @@ -1554,18 +1554,27 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, pseq=p; p+=10; /* lets setup the record stuff. */ /* Make space for the explicit IV in case of CBC. * (this is a bit of a boundary violation, but what the heck). */ if ( s->enc_write_ctx && (EVP_CIPHER_mode( s->enc_write_ctx->cipher ) & EVP_CIPH_CBC_MODE)) bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher); /* Explicit IV length, block ciphers appropriate version flag */ if (s->enc_write_ctx) { int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); if (mode == EVP_CIPH_CBC_MODE) { eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); if (eivlen <= 1) eivlen = 0; } /* Need explicit part of IV for GCM mode */ else if (mode == EVP_CIPH_GCM_MODE) eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; else bs = 0; eivlen = 0; } else eivlen = 0; wr->data=p + bs; /* make room for IV in case of CBC */ /* lets setup the record stuff. */ wr->data=p + eivlen; /* make room for IV in case of CBC */ wr->length=(int)len; wr->input=(unsigned char *)buf; Loading Loading @@ -1593,7 +1602,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, if (mac_size != 0) { if(s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1) < 0) if(s->method->ssl3_enc->mac(s,&(p[wr->length + eivlen]),1) < 0) goto err; wr->length+=mac_size; } Loading 
@@ -1602,15 +1611,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, wr->input=p; wr->data=p; /* ssl3_enc can only have an error on read */ if (bs) /* bs != 0 in case of CBC */ { RAND_pseudo_bytes(p,bs); /* master IV and last CBC residue stand for * the rest of randomness */ wr->length += bs; } if (eivlen) wr->length += eivlen; s->method->ssl3_enc->enc(s,1); Loading ssl/s3_lib.c +4 −4 Original line number Diff line number Diff line Loading @@ -3372,7 +3372,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_HEARTBEATS case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) if (SSL_IS_DTLS(s)) ret = dtls1_heartbeat(s); else ret = tls1_heartbeat(s); Loading Loading @@ -3493,7 +3493,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return ssl_cert_set_cert_store(s->cert, parg, 1, larg); case SSL_CTRL_GET_PEER_SIGNATURE_NID: if (TLS1_get_version(s) >= TLS1_2_VERSION) if (SSL_USE_SIGALGS(s)) { if (s->session && s->session->sess_cert) { Loading Loading @@ -4080,9 +4080,9 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, { c=sk_SSL_CIPHER_value(prio,i); /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ /* Skip TLS v1.2 only ciphersuites if not supported */ if ((c->algorithm_ssl & SSL_TLSV1_2) && (TLS1_get_version(s) < TLS1_2_VERSION)) !SSL_USE_TLS1_2_CIPHERS(s)) continue; ssl_set_cert_masks(cert,c); Loading ssl/ssl_locl.h +9 −0 Original line number Diff line number Diff line Loading @@ -448,6 +448,11 @@ */ #define SSL_USE_SIGALGS(s) \ (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS) /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: * may apply to others in future. */ #define SSL_USE_TLS1_2_CIPHERS(s) \ (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS) /* Mostly for SSLv3 */ #define SSL_PKEY_RSA_ENC 0 Loading Loading 
@@ -713,6 +718,10 @@ typedef struct ssl3_enc_method #define SSL_ENC_FLAG_SHA256_PRF 0x4 /* Is DTLS */ #define SSL_ENC_FLAG_DTLS 0x8 /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: * may apply to others in future. */ #define SSL_ENC_FLAG_TLS1_2_CIPHERS 0x10 #ifndef OPENSSL_NO_COMP /* Used for holding the relevant compression methods loaded into SSL_CTX */ Loading Loading
ssl/d1_both.c +7 −2 Original line number Diff line number Diff line Loading @@ -272,12 +272,17 @@ int dtls1_do_write(SSL *s, int type) (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); if (s->write_hash) { if (s->enc_write_ctx && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE) mac_size = 0; else mac_size = EVP_MD_CTX_size(s->write_hash); } else mac_size = 0; if (s->enc_write_ctx && (EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)) blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); else blocksize = 0; Loading
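Review bot: In dtls1_do_write the new GCM branch sets `mac_size = 0` and the CBC-only test then leaves `blocksize = 0`, so for a GCM write context neither variable accounts for the explicit IV or the authentication tag. If these two values feed the fragment-size calculation further down (outside this hunk), GCM handshake records would be sized without that per-record overhead and could exceed the MTU. Consider counting it in the GCM branch, for example `EVP_GCM_TLS_EXPLICIT_IV_LEN` plus the tag length, or add a comment saying where the overhead is counted instead. Separately, `mac_size = EVP_MD_CTX_size(s->write_hash);` is used unchecked although that call can return a negative value on error.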
ssl/d1_lib.c +4 −3 Original line number Diff line number Diff line Loading @@ -73,7 +73,7 @@ const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT; int dtls1_listen(SSL *s, struct sockaddr *client); SSL3_ENC_METHOD DTLSv1_enc_data={ dtls1_enc, tls1_enc, tls1_mac, tls1_setup_key_block, tls1_generate_master_secret, Loading @@ -92,7 +92,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data={ }; SSL3_ENC_METHOD DTLSv1_2_enc_data={ dtls1_enc, tls1_enc, tls1_mac, tls1_setup_key_block, tls1_generate_master_secret, Loading @@ -104,7 +104,8 @@ SSL3_ENC_METHOD DTLSv1_2_enc_data={ TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, tls1_alert_code, tls1_export_keying_material, SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF, SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS |SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, DTLS1_HM_HEADER_LENGTH, dtls1_set_handshake_header, dtls1_handshake_write Loading
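Review bot: Only the DTLSv1_2_enc_data flags line is visible here, although the `enc` slot is switched from `dtls1_enc` to `tls1_enc` in both DTLSv1_enc_data and DTLSv1_2_enc_data. If `tls1_enc` (not shown) decides whether to emit the explicit IV from `enc_flags`, the DTLSv1_enc_data table must carry `SSL_ENC_FLAG_EXPLICIT_IV` as well. Its initialiser continues outside the first hunk, so this should be confirmed. A short comment on the slot, such as `/* tls1_enc writes the explicit IV; needs SSL_ENC_FLAG_EXPLICIT_IV in enc_flags */`, would record the dependency in both tables.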
ssl/d1_pkt.c +24 −22 Original line number Diff line number Diff line Loading @@ -1466,10 +1466,10 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, unsigned char *p,*pseq; int i,mac_size,clear=0; int prefix_len = 0; int eivlen; SSL3_RECORD *wr; SSL3_BUFFER *wb; SSL_SESSION *sess; int bs; /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ Loading Loading @@ -1554,18 +1554,27 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, pseq=p; p+=10; /* lets setup the record stuff. */ /* Make space for the explicit IV in case of CBC. * (this is a bit of a boundary violation, but what the heck). */ if ( s->enc_write_ctx && (EVP_CIPHER_mode( s->enc_write_ctx->cipher ) & EVP_CIPH_CBC_MODE)) bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher); /* Explicit IV length, block ciphers appropriate version flag */ if (s->enc_write_ctx) { int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); if (mode == EVP_CIPH_CBC_MODE) { eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); if (eivlen <= 1) eivlen = 0; } /* Need explicit part of IV for GCM mode */ else if (mode == EVP_CIPH_GCM_MODE) eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; else bs = 0; eivlen = 0; } else eivlen = 0; wr->data=p + bs; /* make room for IV in case of CBC */ /* lets setup the record stuff. */ wr->data=p + eivlen; /* make room for IV in case of CBC */ wr->length=(int)len; wr->input=(unsigned char *)buf; Loading Loading @@ -1593,7 +1602,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, if (mac_size != 0) { if(s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1) < 0) if(s->method->ssl3_enc->mac(s,&(p[wr->length + eivlen]),1) < 0) goto err; wr->length+=mac_size; } Loading 
@@ -1602,15 +1611,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, wr->input=p; wr->data=p; /* ssl3_enc can only have an error on read */ if (bs) /* bs != 0 in case of CBC */ { RAND_pseudo_bytes(p,bs); /* master IV and last CBC residue stand for * the rest of randomness */ wr->length += bs; } if (eivlen) wr->length += eivlen; s->method->ssl3_enc->enc(s,1); Loading
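Review bot: In the last hunk of do_dtls1_write the result of `s->method->ssl3_enc->enc(s,1)` is still discarded, although this commit removes the `RAND_pseudo_bytes(p,bs)` fill and leaves the `eivlen` bytes at `p` for the enc callback to write. If that callback fails, `wr->length` already includes `eivlen` and the record would be sent with whatever the write buffer held in the IV position. The kept comment `/* ssl3_enc can only have an error on read */` no longer describes this path; check the result, e.g. `if (s->method->ssl3_enc->enc(s,1) < 1) goto err;`, assuming the callback returns 1 on success. The comment `/* make room for IV in case of CBC */` in the second hunk should also mention GCM.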
ssl/s3_lib.c +4 −4 Original line number Diff line number Diff line Loading @@ -3372,7 +3372,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_HEARTBEATS case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) if (SSL_IS_DTLS(s)) ret = dtls1_heartbeat(s); else ret = tls1_heartbeat(s); Loading Loading @@ -3493,7 +3493,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return ssl_cert_set_cert_store(s->cert, parg, 1, larg); case SSL_CTRL_GET_PEER_SIGNATURE_NID: if (TLS1_get_version(s) >= TLS1_2_VERSION) if (SSL_USE_SIGALGS(s)) { if (s->session && s->session->sess_cert) { Loading Loading @@ -4080,9 +4080,9 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, { c=sk_SSL_CIPHER_value(prio,i); /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ /* Skip TLS v1.2 only ciphersuites if not supported */ if ((c->algorithm_ssl & SSL_TLSV1_2) && (TLS1_get_version(s) < TLS1_2_VERSION)) !SSL_USE_TLS1_2_CIPHERS(s)) continue; ssl_set_cert_masks(cert,c); Loading
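Review bot: The new `!SSL_USE_TLS1_2_CIPHERS(s)` test in ssl3_choose_cipher replaces a version comparison with a per-method flag lookup, so any enc-method table that omits `SSL_ENC_FLAG_TLS1_2_CIPHERS` silently loses every `SSL_TLSV1_2` cipher suite. On this page the flag is added only to DTLSv1_2_enc_data; the TLS 1.2 table is not shown, so confirm it sets the flag too. A one-line comment at the check, such as `/* per-method flag: SSL_ENC_FLAG_TLS1_2_CIPHERS in enc_flags */`, would make the dependency visible. The loop body continues outside the hunk.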
ssl/ssl_locl.h +9 −0 Original line number Diff line number Diff line Loading @@ -448,6 +448,11 @@ */ #define SSL_USE_SIGALGS(s) \ (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS) /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: * may apply to others in future. */ #define SSL_USE_TLS1_2_CIPHERS(s) \ (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS) /* Mostly for SSLv3 */ #define SSL_PKEY_RSA_ENC 0 Loading Loading @@ -713,6 +718,10 @@ typedef struct ssl3_enc_method #define SSL_ENC_FLAG_SHA256_PRF 0x4 /* Is DTLS */ #define SSL_ENC_FLAG_DTLS 0x8 /* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: * may apply to others in future. */ #define SSL_ENC_FLAG_TLS1_2_CIPHERS 0x10 #ifndef OPENSSL_NO_COMP /* Used for holding the relevant compression methods loaded into SSL_CTX */ Loading
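Review bot: `SSL_USE_TLS1_2_CIPHERS(s)` expands its argument unparenthesised as `s->method`, so an argument that is an expression rather than a plain identifier would bind incorrectly. Write the body as `((s)->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)`; the neighbouring `SSL_USE_SIGALGS` has the same shape and could be changed with it. The macro yields the raw bit 0x10 rather than 0 or 1, which is fine in the conditions shown but matters if the result is ever compared with 1 or stored in a narrow type.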