diff options
| author | Matt Caswell <matt@openssl.org> | 2016-11-02 11:52:22 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-11-02 13:08:21 +0000 |
| commit | 0ced42e050e602dc9d5fea36250ab8335f8ab156 (patch) | |
| tree | f7c5891e91758d2ce284eff12b4e8b231b1b3d5d /ssl/ssl_ciph.c | |
| parent | 582a17d662d123eafbb70c9eaaa140a2559b7cdb (diff) | |
| download | openssl-0ced42e050e602dc9d5fea36250ab8335f8ab156.zip openssl-0ced42e050e602dc9d5fea36250ab8335f8ab156.tar.gz openssl-0ced42e050e602dc9d5fea36250ab8335f8ab156.tar.bz2 | |
Use ciphersuite id when matching if we've got one
When matching a ciphersuite if we are given an id, make sure we use it
otherwise we will match another ciphersuite which is identical except for
the TLS version.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/ssl_ciph.c')
| -rw-r--r-- | ssl/ssl_ciph.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 0d46509..adccbfc 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -859,6 +859,8 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, cp->algorithm_enc, cp->algorithm_mac, cp->min_tls, cp->algo_strength); #endif + if (cipher_id != 0 && (cipher_id != cp->id)) + continue; if (alg_mkey && !(alg_mkey & cp->algorithm_mkey)) continue; if (alg_auth && !(alg_auth & cp->algorithm_auth)) |