From d4fcd82bb7f6d603bd61e19a81ba97337b89dfca Mon Sep 17 00:00:00 2001
From: markus <>
Date: Mon, 12 May 2003 02:18:40 +0000
Subject: merge 0.9.7b with local changes; crank majors for libssl/libcrypto

---
 src/lib/libssl/ssl_ciph.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'src/lib/libssl/ssl_ciph.c')

diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index df48245b2c..438d9eacbb 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -674,13 +674,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 			 * So additionally check whether the cipher name found
 			 * has the correct length. We can save a strlen() call:
 			 * just checking for the '\0' at the right place is
-			 * sufficient, we have to strncmp() anyway.
+			 * sufficient, we have to strncmp() anyway. (We cannot
+			 * use strcmp(), because buf is not '\0' terminated.)
 			 */
 			 j = found = 0;
 			 while (ca_list[j])
 				{
-				if ((ca_list[j]->name[buflen] == '\0') &&
-				    !strncmp(buf, ca_list[j]->name, buflen))
+				if (!strncmp(buf, ca_list[j]->name, buflen) &&
+				    (ca_list[j]->name[buflen] == '\0'))
 					{
 					found = 1;
 					break;
@@ -757,7 +758,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
 	 */
 	if (rule_str == NULL) return(NULL);
 
-	if (init_ciphers) load_ciphers();
+	if (init_ciphers)
+		{
+		CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+		if (init_ciphers) load_ciphers();
+		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+		}
 
 	/*
 	 * To reduce the work to do we only want to process the compiled
-- 
cgit v1.2.3-55-g6feb