diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2010-08-27 11:29:15 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2010-08-27 11:29:15 +0000 |
| commit | bdd535080496395e04282270e14024bc54d0eebb (patch) | |
| tree | a2ef7025df29c10ef2728fe68ed0313900240ed1 /ssl | |
| parent | 7b3a9b00994b4c33389cd31b4890d35fb772be01 (diff) | |
PR: 1833
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix other cases not covered by original patch.
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_lib.c | 4 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 9dfa3aa711..bc102ae20b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1392,7 +1392,7 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, /* If p == q, no ciphers and caller indicates an error. Otherwise * add SCSV if not renegotiating. */ - if (p != q && !s->new_session) + if (p != q && !s->renegotiate) { static SSL_CIPHER scsv = { @@ -1439,7 +1439,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, (p[n-1] == (SSL3_CK_SCSV & 0xff))) { /* SCSV fatal if renegotiating */ - if (s->new_session) + if (s->renegotiate) { SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 39b5e72533..849dad7dda 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -317,7 +317,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha } /* Add RI if renegotiating */ - if (s->new_session) + if (s->renegotiate) { int el; @@ -1028,7 +1028,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in /* Need RI if renegotiating */ - if (!renegotiate_seen && s->new_session && + if (!renegotiate_seen && s->renegotiate && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { *al = SSL_AD_HANDSHAKE_FAILURE; |