diff options
author | Todd Short <tshort@akamai.com> | 2017-05-22 11:24:59 -0400 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2017-05-26 11:31:32 +0200 |
commit | ef66b8cb5efbc2dfbc2dc64f35a34c023b96e4c1 (patch) | |
tree | 7dd56d95f7451a48661f81022fa4ccb4dd6f0d4d /ssl | |
parent | 0efb6d94cdc3bc10a30206b95c0621f399e0cc79 (diff) |
Fix inconsistent check of UNSAFE_LEGACY_RENEGOTIATION
The check for SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is
inconsistent. Most places check SSL->options, one place is checking
SSL_CTX->options; fix that.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
GH: #3523
(cherry picked from commit dffdcc773ac0a294b1ce620131cb8d7401da9408)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/rec_layer_s3.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index c533bbd73a..5945d18748 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1332,7 +1332,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, (s->rlayer.handshake_fragment_len >= 4) && (s->rlayer.handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && (s->session != NULL) && (s->session->cipher != NULL) && - !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { + !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) { SSL3_RECORD_set_length(rr, 0); SSL3_RECORD_set_read(rr); ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); |