From: Bodo Moeller <bodo@openssl.org>
Date: Tue, 21 Oct 2014 20:32:44 +0000 (+0200)
Subject: When processing ClientHello.cipher_suites, don't ignore cipher suites
X-Git-Tag: OpenSSL_1_0_0p~63
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8d81dfd0a60da2914166ac275a67774646d8881e;p=oweals%2Fopenssl.git

When processing ClientHello.cipher_suites, don't ignore cipher suites
listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index f45b3628dd..f9c7c3555f 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1471,6 +1471,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
 					ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
 				goto err;
 				}
+			p += n;
 			continue;
 			}