diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-08-12 18:33:00 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-08-12 20:42:27 +0100 |
| commit | 03ebf85f7757c5da9f9d4fecb8ea1a1af18df46d (patch) | |
| tree | de199ff7444fa30f145e52a07f8d90bad670c81c | |
| parent | 30fbe92c78981a417718bcbf25d295d16c5b7ed9 (diff) | |
Fix SRP ciphersuites.
Add patch missed from backport of SRP ciphersuite fix.
PR#3490
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
| -rw-r--r-- | ssl/s3_lib.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 4835bef1a7..e17f1267d5 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3822,10 +3822,15 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, emask_k = cert->export_mask_k; emask_a = cert->export_mask_a; #ifndef OPENSSL_NO_SRP - mask_k=cert->mask_k | s->srp_ctx.srp_Mask; - emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask; + if (s->srp_ctx.srp_Mask & SSL_kSRP) + { + mask_k |= SSL_kSRP; + emask_k |= SSL_kSRP; + mask_a |= SSL_aSRP; + emask_a |= SSL_aSRP; + } #endif - + #ifdef KSSL_DEBUG /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ #endif /* KSSL_DEBUG */ |