Don't request certificates for any PSK ciphersuite

author Dr. Stephen Henson <steve@openssl.org>

Sat, 11 Jul 2015 00:17:36 +0000 (01:17 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Thu, 30 Jul 2015 13:55:33 +0000 (14:55 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 11 Jul 2015 00:17:36 +0000 (01:17 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Thu, 30 Jul 2015 13:55:33 +0000 (14:55 +0100)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c

index caf45d1afbf526668d4116541424d3f1f38a1bb8..72deedc0c524152be0ef8f345caf179021355bc8 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -503,7 +503,7 @@ int ssl3_accept(SSL *s)
                      * With normal PSK Certificates and Certificate Requests
                      * are omitted
                      */
-                   || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                   || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK)) {
                  /* no cert request */
                  skip = 1;
                  s->s3->tmp.cert_request = 0;
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 11 Jul 2015 00:17:36 +0000 (01:17 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Thu, 30 Jul 2015 13:55:33 +0000 (14:55 +0100)