From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 26 Oct 2018 11:34:37 +0000 (+0200)
Subject: openssl: output the correct cipher list on TLS 1.3 error
X-Git-Tag: curl-7_62_0~23
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=44a9e9f80f0a24ced18c22b74788c1d0baa6a59d;p=curl

openssl: output the correct cipher list on TLS 1.3 error

When failing to set the 1.3 cipher suite, the wrong string pointer would
be used in the error message. Most often saying "(nil)".

Reported-by: Ricky-Tigg on github
Fixes #3178
Closes #3180
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index b06705312..4c5e8c19c 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2466,7 +2466,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
     char *ciphers13 = SSL_CONN_CONFIG(cipher_list13);
     if(ciphers13) {
       if(!SSL_CTX_set_ciphersuites(BACKEND->ctx, ciphers13)) {
-        failf(data, "failed setting TLS 1.3 cipher suite: %s", ciphers);
+        failf(data, "failed setting TLS 1.3 cipher suite: %s", ciphers13);
         return CURLE_SSL_CIPHER;
       }
       infof(data, "TLS 1.3 cipher selection: %s\n", ciphers13);