diff options
author | Andy Polyakov <appro@openssl.org> | 2012-04-04 20:45:51 +0000 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2012-04-04 20:45:51 +0000 |
commit | a20152bdaf7a99b006ff5a0eef081502e0e11553 (patch) | |
tree | 36254b55b49eb8d2f7b9840f2d79a16ec8e54f3b /ssl | |
parent | fd2b65ce5385a09b99c9be5e8ebbb56fb0167226 (diff) | |
download | openssl-a20152bdaf7a99b006ff5a0eef081502e0e11553.tar.gz |
ssl/ssl_ciph.c: interim solution for assertion in d1_pkt.c(444).
PR: 2778
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_ciph.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index c12a7a22d2..a96a5daaf5 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -616,18 +616,19 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, { const EVP_CIPHER *evp; - if (s->ssl_version >= TLS1_VERSION && - c->algorithm_enc == SSL_RC4 && + if (s->ssl_version>>8 != TLS1_VERSION_MAJOR || + s->ssl_version < TLS1_VERSION) + return 1; + + if (c->algorithm_enc == SSL_RC4 && c->algorithm_mac == SSL_MD5 && (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) *enc = evp, *md = NULL; - else if (s->ssl_version >= TLS1_VERSION && - c->algorithm_enc == SSL_AES128 && + else if (c->algorithm_enc == SSL_AES128 && c->algorithm_mac == SSL_SHA1 && (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) *enc = evp, *md = NULL; - else if (s->ssl_version >= TLS1_VERSION && - c->algorithm_enc == SSL_AES256 && + else if (c->algorithm_enc == SSL_AES256 && c->algorithm_mac == SSL_SHA1 && (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) *enc = evp, *md = NULL; |