generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)

Browse Source
This commit is contained in:
Bodo Möller
2011-02-03 10:43:00 +00:00
parent 9d0397e977
commit 88f2a4cf9c
5 changed files with 22 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ssl/s3_clnt.c
View File

@@ -884,8 +884,11 @@ int ssl3_get_server_hello(SSL *s)
s->session->cipher_id = s->session->cipher->id;
if (s->hit && (s->session->cipher_id != c->id))
{
/* Workaround is now obsolete */
#if 0
if (!(s->options &
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
#endif
{
al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);