]> granicus.if.org Git - openssl/commitdiff
Make tls_session_secret_cb work with CVE-2014-0224 fix.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 7 Jun 2014 14:21:13 +0000 (15:21 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 7 Jun 2014 14:27:23 +0000 (15:27 +0100)
If application uses tls_session_secret_cb for session resumption
set the CCS_OK flag.
(cherry picked from commit 953c592572e8811b7956cc09fbd8e98037068b58)

ssl/s3_clnt.c

index 216b9c92ebe3a9a4396c2d7cf43e597bf22a3096..9cae0d15e6fb269fc22a27c07b94e1b450dd2912 100644 (file)
@@ -1031,6 +1031,7 @@ int ssl3_get_server_hello(SSL *s)
                        {
                        s->session->cipher = pref_cipher ?
                                pref_cipher : ssl_get_cipher_by_char(s, p+j);
+                       s->s3->flags |= SSL3_FLAGS_CCS_OK;
                        }
                }
 #endif /* OPENSSL_NO_TLSEXT */