Add SHA2 algorithms to SSL_library_init(). Although these aren't used

[openssl.git] / ssl / t1_lib.c

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index c4670346648a3f1331deea8a9f1c3de989a7b869..9ee7e7d71786f14b176ff7690d7b01500176e273 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -316,8 +316,9 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
                ret+=size_str;
                }
 
-        /* Add the renegotiation option: TODOEKR switch */
-        {
+        /* Add RI if renegotiating */
+        if (s->new_session)
+          {
           int el;
           
           if(!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0))
@@ -1156,8 +1157,8 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
         * which doesn't support RI so for the immediate future tolerate RI
         * absence on initial connect only.
         */
-       if (!renegotiate_seen && 
-               (s->new_session || !(s->options & SSL_OP_LEGACY_SERVER_CONNECT))
+       if (!renegotiate_seen
+               && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)
                && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
                {
                *al = SSL_AD_HANDSHAKE_FAILURE;