diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2010-01-07 19:09:32 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2010-01-07 19:09:32 +0000 |
commit | 3798a4d0597c8c665b41f6211f22c763b22f245b (patch) | |
tree | 8b8dd1ed2da65f7e6ba30c0d8ee86618647b0fad /ssl/ssl_lib.c | |
parent | 5b8246d6eb31b88709b4fc1e1d5318be2cc0ca6f (diff) |
Simplify RI+SCSV logic:
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index b0bd720539..231f87b307 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1300,10 +1300,9 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, p+=j; } /* If p == q, no ciphers and caller indicates an error. Otherwise - * add SCSV if no extensions (i.e. SSL3 is client_version) - * since spec RECOMMENDS not sending both RI and SCSV. + * add SCSV if not renegotiating. */ - if (p != q) + if (p != q && !s->new_session) { static SSL_CIPHER scsv = { |