From: Bodo Moeller <bodo@openssl.org>
Date: Tue, 21 Oct 2014 20:33:03 +0000 (+0200)
Subject: When processing ClientHello.cipher_suites, don't ignore cipher suites
X-Git-Tag: OpenSSL_0_9_8zd~22
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1acca28263f6f16f60c25b97eb82dca61ad5df88;p=oweals%2Fopenssl.git

When processing ClientHello.cipher_suites, don't ignore cipher suites
listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5db0b5276e..542ab5a558 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1401,6 +1401,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 					ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
 				goto err;
 				}
+			p += n;
 			continue;
 			}