blob: 5d399315de61d6bebe25d287ff4e1f486cbad7d1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
From fb8d9ddb9dc19d84dffa84932f75e607c8a3ffe6 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sat, 7 Jun 2014 15:21:13 +0100
Subject: [PATCH 3/3] Make tls_session_secret_cb work with CVE-2014-0224 fix.
Upstream-Status: Backport
If application uses tls_session_secret_cb for session resumption
set the CCS_OK flag.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
ssl/s3_clnt.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 34efff8..cd43873 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1037,6 +1037,7 @@ int ssl3_get_server_hello(SSL *s)
{
s->session->cipher = pref_cipher ?
pref_cipher : ssl_get_cipher_by_char(s, p+j);
+ s->s3->flags |= SSL3_FLAGS_CCS_OK;
}
}
#endif /* OPENSSL_NO_TLSEXT */
--
1.7.10.4
|
