summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_lib.c
diff options
context:
space:
mode:
authormarkus <>2009-11-10 09:09:40 +0000
committermarkus <>2009-11-10 09:09:40 +0000
commitfe6c9378da6c3c76e86e1fa03619eda8e4da9408 (patch)
tree1ee3d60cfc9aa5a4238a876f10fd267d699c4e14 /src/lib/libssl/s3_lib.c
parent11d78159f32f020cba13d2025ccc5caa8b71aaae (diff)
downloadopenbsd-fe6c9378da6c3c76e86e1fa03619eda8e4da9408.tar.gz
openbsd-fe6c9378da6c3c76e86e1fa03619eda8e4da9408.tar.bz2
openbsd-fe6c9378da6c3c76e86e1fa03619eda8e4da9408.zip
pull Ben Lauries blind prefix injection fix for CVE-2009-3555 from
openssl 0.9.8l; crank minor version; ok djm@ deraadt@; initially from jsg@
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
-rw-r--r--src/lib/libssl/s3_lib.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 8916a0b1b3..5aa7bb21da 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2592,6 +2592,9 @@ int ssl3_renegotiate(SSL *s)
2592 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 2592 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
2593 return(0); 2593 return(0);
2594 2594
2595 if (!(s->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
2596 return(0);
2597
2595 s->s3->renegotiate=1; 2598 s->s3->renegotiate=1;
2596 return(1); 2599 return(1);
2597 } 2600 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 07:05:00 +0000