From: Bodo Moeller <bodo@openssl.org>
Date: Tue, 21 Oct 2014 20:32:30 +0000 (+0200)
Subject: When processing ClientHello.cipher_suites, don't ignore cipher suites
X-Git-Tag: OpenSSL_1_0_1k~109
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=08931f1cd678ede5735825fb451fdb273a0177ed;p=oweals%2Fopenssl.git

When processing ClientHello.cipher_suites, don't ignore cipher suites
listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3f66fc061d..6e35534b81 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1507,6 +1507,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 					ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
 				goto err;
 				}
+			p += n;
 			continue;
 			}