PR: 1795

Submitted by: Peter Edwards <peter.edwards@vordel.com>
Approved by: steve@openssl.org

Avoid race condition by sorting cipher list straight away.

diff --git a/apps/genrsa.c b/apps/genrsa.c
index fdc0d4a07dfe159ea8a5f8d38fa0b43ba36a3f2f..09b0b1969001e6d64f67bf88562844b19c0d0c87 100644 (file)
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -106,9 +106,9 @@ int MAIN(int argc, char **argv)
        char *inrand=NULL;
        BIO *out=NULL;
        BIGNUM *bn = BN_new();
-       RSA *rsa = RSA_new();
+       RSA *rsa = NULL;
 
-       if(!bn || !rsa) goto err;
+       if(!bn) goto err;
 
        apps_startup();
        BN_GENCB_set(&cb, genrsa_cb, bio_err);

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 52f91cfe6095a72a0bdec2b99e03caf3516255de..5aa03ee4495df2d60a47c638b2e866a7d3baf6a8 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1091,6 +1091,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
        *cipher_list_by_id = tmp_cipher_list;
        (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
 
+       sk_SSL_CIPHER_sort(*cipher_list_by_id);
        return(cipherstack);
        }