When processing ClientHello.cipher_suites, don't ignore cipher suites

listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3f66fc061db5a3dfadcee08bee1c8aa07d555f0d..6e35534b81aefd1135e5be13737765002a477ca7 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1507,6 +1507,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
                                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
                                goto err;
                                }
+                       p += n;
                        continue;
                        }