From: Bodo Moeller Date: Tue, 21 Oct 2014 20:32:30 +0000 (+0200) Subject: When processing ClientHello.cipher_suites, don't ignore cipher suites X-Git-Tag: OpenSSL_1_0_1k~109 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=08931f1cd678ede5735825fb451fdb273a0177ed;p=oweals%2Fopenssl.git When processing ClientHello.cipher_suites, don't ignore cipher suites listed after TLS_FALLBACK_SCSV. RT: 3575 Reviewed-by: Emilia Kasper --- diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 3f66fc061d..6e35534b81 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1507,6 +1507,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK); goto err; } + p += n; continue; }