[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Kurt Roeckx
kurt at openssl.org
Fri May 26 09:34:35 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via fde111ba045f7c00e2fe673bf5bf161a64c2cb60 (commit)
from 8a996d2a5530def2307548546cbc27db610c964d (commit)
- Log -----------------------------------------------------------------
commit fde111ba045f7c00e2fe673bf5bf161a64c2cb60
Author: Todd Short <tshort at akamai.com>
Date: Mon May 22 11:24:59 2017 -0400
Fix inconsistent check of UNSAFE_LEGACY_RENEGOTIATION (1.0.2)
The check for SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is
inconsistent. Most places check SSL->options, one place is checking
SSL_CTX->options; fix that.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
GH: #3521
-----------------------------------------------------------------------
Summary of changes:
ssl/s3_pkt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 0290c99..04212c5 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1427,7 +1427,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
(s->s3->handshake_fragment_len >= 4) &&
(s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
(s->session != NULL) && (s->session->cipher != NULL) &&
- !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+ !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
/*
* s->s3->handshake_fragment_len = 0;
*/
More information about the openssl-commits
mailing list