diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index ad6561cb0de5e1b8bfa5bb98053a44802c3067fa..717925811dd41def6325936a48eda51e207441e6 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -131,6 +131,12 @@ int dtls1_new(SSL *s) return (0); } memset(d1, 0, sizeof *d1); + + if(!DTLS_RECORD_LAYER_new(&s->rlayer)) { + OPENSSL_free(d1); + ssl3_free(s); + return 0; + } /* d1->handshake_epoch=0; */ @@ -218,6 +224,8 @@ static void dtls1_clear_queues(SSL *s) void dtls1_free(SSL *s) { + DTLS_RECORD_LAYER_free(&s->rlayer); + ssl3_free(s); dtls1_clear_queues(s); @@ -242,6 +250,8 @@ void dtls1_clear(SSL *s) unsigned int mtu; unsigned int link_mtu; + DTLS_RECORD_LAYER_clear(&s->rlayer); + if (s->d1) { unprocessed_rcds = s->d1->unprocessed_rcds.q; processed_rcds = s->d1->processed_rcds.q; diff --git a/ssl/record/d1_pkt.c b/ssl/record/d1_pkt.c index 3d31699b29c17d7ca289e4fb1fa7844330cf5298..02b0f52eb1f99088042c7f7b31cacd11662058b1 100644 --- a/ssl/record/d1_pkt.c +++ b/ssl/record/d1_pkt.c @@ -122,6 +122,35 @@ #include #include + +int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl) +{ + DTLS_RECORD_LAYER *d; + + if ((d = OPENSSL_malloc(sizeof *d)) == NULL) { + return (0); + } + + rl->d = d; + DTLS_RECORD_LAYER_clear(rl); + + return 1; +} + +void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl) +{ + OPENSSL_free(rl->d); + rl->d = NULL; +} + +void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl) +{ + DTLS_RECORD_LAYER *d; + + d = rl->d; + memset(d, 0, sizeof *d); +} + /* mod 128 saturating subtract of two 64-bit values in big-endian order */ static int satsub64be(const unsigned char *v1, const unsigned char *v2) { diff --git a/ssl/record/rec_layer.h b/ssl/record/rec_layer.h index 6bba44d1d8a4486c7b1e76529b62a3eae3d464d6..c64468f5f4c535a4dca5a704f7d427dd82db8638 100644 --- a/ssl/record/rec_layer.h +++ b/ssl/record/rec_layer.h 
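Review bot: Any failure return later in dtls1_new, after the record layer has been allocated by the added block, would also need `DTLS_RECORD_LAYER_free(&s->rlayer);` before `ssl3_free(s);`, otherwise `rl->d` leaks. The rest of the function lies outside this hunk, so this needs to be confirmed against the remaining error paths. The added block also departs from the surrounding style: `if(` has no space after the keyword, and `return 0;` sits next to the existing `return (0);`.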
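Review bot: In the dtls1_clear hunk, `DTLS_RECORD_LAYER_clear(&s->rlayer);` is called unconditionally ahead of the existing `if (s->d1)` guard, and the new function in the ssl/record/d1_pkt.c hunk writes through `rl->d` without checking it. The existing guard suggests dtls1_clear can run while the DTLS state is absent, and DTLS_RECORD_LAYER_free leaves `rl->d` set to NULL, so a clear in that state would be a NULL write in `memset(d, 0, sizeof *d)`. Either make the callee tolerant, `if (rl->d != NULL) memset(rl->d, 0, sizeof *rl->d);`, or move the call inside the `if (s->d1)` block. dtls1_clear's body continues outside the hunk.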
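Review bot: The three new DTLS_RECORD_LAYER_* functions in ssl/record/d1_pkt.c carry no comment stating their contract, which matters because they manage an owned heap pointer. Above DTLS_RECORD_LAYER_new I would add `/* Allocates and zeroes rl->d; returns 1 on success, 0 on allocation failure. Any previous rl->d is overwritten, not freed. */`, and above DTLS_RECORD_LAYER_clear `/* Zeroes the DTLS record layer state; rl->d must already be allocated. */`. The function also mixes `return (0);` and `return 1;`, so pick one form.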
@@ -142,6 +142,11 @@ typedef struct dtls1_record_data_st { # endif } DTLS1_RECORD_DATA; +typedef struct dtls_record_layer_st { + /* Temporary member to be removed by subsequent commits */ + int dummy; +} DTLS_RECORD_LAYER; + typedef struct record_layer_st { /* The parent SSL structure */ SSL *s; @@ -187,6 +192,8 @@ typedef struct record_layer_st { unsigned char read_sequence[8]; unsigned char write_sequence[8]; + + DTLS_RECORD_LAYER *d; } RECORD_LAYER; @@ -223,6 +230,9 @@ __owur int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); __owur int do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment); __owur int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); +int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl); +void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl); +void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl); __owur int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); int dtls1_write_bytes(SSL *s, int type, const void *buf, int len); __owur int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
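Review bot: The new `DTLS_RECORD_LAYER *d;` member of RECORD_LAYER has a one-letter name and no comment, while the first member of the same struct is documented (`/* The parent SSL structure */`). A comment such as `/* DTLS-only state, owned by this struct; allocated by DTLS_RECORD_LAYER_new, NULL after DTLS_RECORD_LAYER_free */` would tell readers when the pointer may be dereferenced. From the visible hunks the pointer is only allocated in dtls1_new, so it is presumably unset for non-DTLS connections, which is worth stating once confirmed.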
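Review bot: DTLS_RECORD_LAYER_new reports allocation failure only through its return value, yet its prototype in the last hunk lacks the `__owur` annotation that the neighbouring prototypes (ssl3_read_bytes, dtls1_read_bytes) carry. Declaring it as `__owur int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl);` would make an unchecked call produce a compiler warning. Without that, an ignored failure leaves `rl->d` unset for the later clear call to dereference.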