Support TLS_FALLBACK_SCSV.

Reviewed-by: Stephen Henson <steve@openssl.org>
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 6405111..5f7a358 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -294,6 +294,25 @@
 	case DTLS_CTRL_LISTEN:
 		ret = dtls1_listen(s, parg);
 		break;
+	case SSL_CTRL_CHECK_PROTO_VERSION:
+		/* For library-internal use; checks that the current protocol
+		 * is the highest enabled version (according to s->ctx->method,
+		 * as version negotiation may have changed s->method). */
+		if (s->version == s->ctx->method->version)
+			return 1;
+		/* Apparently we're using a version-flexible SSL_METHOD
+		 * (not at its highest protocol version). */
+		if (s->ctx->method->version == DTLS_method()->version)
+			{
+#if DTLS_MAX_VERSION != DTLS1_2_VERSION
+#  error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION.
+#endif
+			if (!(s->options & SSL_OP_NO_DTLSv1_2))
+				return s->version == DTLS1_2_VERSION;
+			if (!(s->options & SSL_OP_NO_DTLSv1))
+				return s->version == DTLS1_VERSION;
+			}
+		return 0; /* Unexpected state; fail closed. */
 
 	default:
 		ret = ssl3_ctrl(s, cmd, larg, parg);