Set TLS v1.2 disabled mask properly.

2013-09-08 00:09:39 +01:00 · 2013-09-08 00:09:39 +01:00 · 226751ae4a
commit 226751ae4a
parent 1769dfab06
1 changed files with 5 additions and 0 deletions
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -1073,6 +1073,11 @@ int ssl3_get_server_hello(SSL *s)
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
 		goto f_err;
 		}
+	/* Set version disabled mask now we know version */
+	if (!SSL_USE_TLS1_2_CIPHERS(s))
+		ct->mask_ssl = SSL_TLSV1_2;
+	else
+		ct->mask_ssl = 0;
 	/* If it is a disabled cipher we didn't send it in client hello,
 	 * so return an error.
 	 */