projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset
[openssl.git] / ssl / s2_srvr.c
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 2cba426bb7efdef03b0407faa44145c012a9dee8..71f677bbec5dfe4343f2450371cceaa5f8e9fdef 100644 (file)
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -452,7 +452,7 @@ static int get_client_master_key(SSL *s)
 
        is_export=SSL_C_IS_EXPORT(s->session->cipher);
        
-       if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL))
+       if (!ssl_cipher_get_evp(s->session,&c,&md,NULL,NULL,NULL, 0))
                {
                ssl2_return_error(s,SSL2_PE_NO_CIPHER);
                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
@@ -1053,6 +1053,12 @@ static int request_certificate(SSL *s)
 
        i=ssl_verify_cert_chain(s,sk);
 
+       if (i > 1)
+               {
+               SSLerr(SSL_F_REQUEST_CERTIFICATE, i);
+               goto msg_end;
+               }
+
        if (i > 0)      /* we like the packet, now check the chksum */
                {
                EVP_MD_CTX ctx;
Unnamed repository; edit this file 'description' to name the repository.