From fe5eef3a3b3e6844394d976a182d88225c59ddb5 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sun, 28 Jun 2015 17:01:07 +0100
Subject: [PATCH] Disable all PSK if no callback.

Reviewed-by: Matt Caswell <matt@openssl.org>
---
 ssl/s3_lib.c | 2 +-
 ssl/t1_lib.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 8b7c52af52..6046580420 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3933,7 +3933,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
 
 #ifndef OPENSSL_NO_PSK
         /* with PSK there must be server callback set */
-        if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
+        if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
             continue;
 #endif                          /* OPENSSL_NO_PSK */
 
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index e593654f0d..f5575e06ad 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1111,7 +1111,7 @@ void ssl_set_client_disabled(SSL *s)
     /* with PSK there must be client callback set */
     if (!s->psk_client_callback) {
         s->s3->tmp.mask_a |= SSL_aPSK;
-        s->s3->tmp.mask_k |= SSL_kPSK;
+        s->s3->tmp.mask_k |= SSL_PSK;
     }
 #endif                         /* OPENSSL_NO_PSK */
 #ifndef OPENSSL_NO_SRP
-- 
2.25.1