Disable all PSK if no callback.
authorDr. Stephen Henson <steve@openssl.org>
Sun, 28 Jun 2015 16:01:07 +0000 (17:01 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 30 Jul 2015 13:43:35 +0000 (14:43 +0100)
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/s3_lib.c
ssl/t1_lib.c

index 8b7c52af52699704e8ce0c7a5efa0dd96e28f059..60465804207dd5e62d9823d4eb54899504356da0 100644 (file)
@@ -3933,7 +3933,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 
 #ifndef OPENSSL_NO_PSK
         /* with PSK there must be server callback set */
-        if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
+        if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
             continue;
 #endif                          /* OPENSSL_NO_PSK */
 
index e593654f0dbb78fee3207f4a4df4fb0cc56718d3..f5575e06ad152e55a0119ed20a0195a50cf6b69e 100644 (file)
@@ -1111,7 +1111,7 @@ void ssl_set_client_disabled(SSL *s)
     /* with PSK there must be client callback set */
     if (!s->psk_client_callback) {
         s->s3->tmp.mask_a |= SSL_aPSK;
-        s->s3->tmp.mask_k |= SSL_kPSK;
+        s->s3->tmp.mask_k |= SSL_PSK;
     }
 #endif                         /* OPENSSL_NO_PSK */
 #ifndef OPENSSL_NO_SRP