When processing ClientHello.cipher_suites, don't ignore cipher suites

listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5db0b5276e3f1363677e873b0a2a918d395bfc8f..542ab5a55849932c058f87b80d7c038de8d230c9 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1401,6 +1401,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
                                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
                                goto err;
                                }
+                       p += n;
                        continue;
                        }