Servers can't end up talking SSLv2 with legacy renegotiation disabled
authorDr. Stephen Henson <steve@openssl.org>
Wed, 18 Nov 2009 15:08:49 +0000 (15:08 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 18 Nov 2009 15:08:49 +0000 (15:08 +0000)
ssl/s23_srvr.c

index ba06e7ae2eb93c1a1fff14a3dd05549785d365b5..73b7e610e004cae1babe9886ebd381ab5ff89878 100644 (file)
@@ -486,6 +486,11 @@ int ssl23_get_client_hello(SSL *s)
                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
                goto err;
 #else
+               if (!(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
+                       {
+                       SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+                       goto err;
+                       }
                /* we are talking sslv2 */
                /* we need to clean up the SSLv3/TLSv1 setup and put in the
                 * sslv2 stuff. */
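Review bot: The new guard in the `#else` branch tests `s->ctx->options` rather than the per-connection option word, so SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION set or cleared on the individual SSL object via SSL_set_options()/SSL_clear_options() (assuming this tree keeps those in `s->options`, as the rest of libssl does) is not honoured here: a context that allows it but an SSL object that later cleared it would still drop into the SSLv2 path, and the reverse case would be refused. Suggest `if (!(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))`. A short comment above the check would also tell a reader why SSLv2 is tied to the renegotiation option at all, e.g. `/* SSLv2 cannot carry the secure-renegotiation (RFC 5746) signalling, so only accept it when unsafe legacy renegotiation was explicitly allowed. */`. ssl23_get_client_hello begins before and continues past this hunk, including the `err:` label the new `goto` targets.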