Fix typo setting up certificate masks

The certificate masks are used to select which ciphersuite we are going to
use. The variables |emask_k| and |emask_a| relate to export grade key
exchange and authentication respecitively. The variables |mask_k| and
|mask_a| are the equivalent versions for non-export grade. This fixes an
instance where the two usages of export/non-export were mixed up. In
practice it makes little difference since it still works!

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit fdfe8b06ae97da3bc3a77aa3db00f8e0445f3c70)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index b60fe1a898647aa9270aac289fae42f6e539ff94..c0931e787728ed17d4c10fc4b02763807e858293 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2330,7 +2330,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
     if (dh_dsa_export)
         emask_k |= SSL_kDHd;
 
-    if (emask_k & (SSL_kDHr | SSL_kDHd))
+    if (mask_k & (SSL_kDHr | SSL_kDHd))
         mask_a |= SSL_aDH;
 
     if (rsa_enc || rsa_sign) {