correctly handle case where server hello does not request extension specified by client

ssl/ssl.enums.c

@@ -2498,7 +2498,7 @@ static int decode_extension_encrypt_then_mac(ssl,dir,seg,data)
     data->len-=l;
     data->data+=l;
 
-    *etm=dir==DIR_I2R?1:*etm==1;
+    *etm=dir==DIR_I2R?1:*etm+1;
     return(0);
   }
 static int decode_extension_extended_master_secret(ssl,dir,seg,data)
@@ -2515,7 +2515,7 @@ static int decode_extension_extended_master_secret(ssl,dir,seg,data)
     data->len-=l;
     data->data+=l;
 
-    *ems=dir==DIR_I2R?1:*ems==1;
+    *ems=dir==DIR_I2R?1:*ems+1;
     return(0);
   }
 static int decode_extension(ssl,dir,seg,data)

ssl/ssl_rec.c

@@ -180,7 +180,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
     
     CRDUMP("Ciphertext",in,inl);
 
-    if(ssl->extensions->encrypt_then_mac){
+    if(ssl->extensions->encrypt_then_mac==2){
       *outl=inl;
 
       /* First strip off the MAC */

ssl/ssldecode.c

@@ -857,7 +857,7 @@ static int ssl_generate_keying_material(ssl,d)
       if(r=r_data_alloc(&d->MS,48))
         ABORT(r);
 
-      if (ssl->extensions->extended_master_secret) {
+      if (ssl->extensions->extended_master_secret==2) {
 	if(r=ssl_generate_session_hash(ssl,d))
 	  ABORT(r);