diff options
author | Todd Short <tshort@akamai.com> | 2017-05-22 11:24:59 -0400 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2017-05-26 11:33:54 +0200 |
commit | fde111ba045f7c00e2fe673bf5bf161a64c2cb60 (patch) | |
tree | 930a87381ccc2fefffee5ccff760d28c7fd6f8de | |
parent | 8a996d2a5530def2307548546cbc27db610c964d (diff) |
Fix inconsistent check of UNSAFE_LEGACY_RENEGOTIATION (1.0.2)
The check for SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is
inconsistent. Most places check SSL->options, one place is checking
SSL_CTX->options; fix that.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
GH: #3521
-rw-r--r-- | ssl/s3_pkt.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 0290c991d8..04212c51e7 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -1427,7 +1427,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) (s->s3->handshake_fragment_len >= 4) && (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && (s->session != NULL) && (s->session->cipher != NULL) && - !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { + !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { /* * s->s3->handshake_fragment_len = 0; */ |