Opdated to openssl-1.0.1h

xkeyboard-config fontconfig libX11 libxcb xcb-proto mesa xserver git update 26 June 2014

xserver          commit a3b44ad8db1fa2f3b81c1ff9498f31c5323edd37
libxcb           commit 125135452a554e89e49448e2c1ee6658324e1095
libxcb/xcb-proto commit 84bfd909bc3774a459b11614cfebeaa584a1eb38
xkeyboard-config commit 39a226707b133ab5540c2d30176cb3857e74dcca
libX11           commit a4679baaa18142576d42d423afe816447f08336c
fontconfig       commit 274f2181f294af2eff3e8db106ec8d7bab2d3ff1
mesa             commit 9a8acafa47558cafeb37f80f4b30061ac1962c69

1 files changed, 9 insertions, 0 deletions

diff --git a/openssl/ssl/s3_clnt.c b/openssl/ssl/s3_clnt.c
index a6b3c01af..0457af878 100644
--- a/openssl/ssl/s3_clnt.c
+++ b/openssl/ssl/s3_clnt.c
@@ -559,6 +559,7 @@ int ssl3_connect(SSL *s)
 		case SSL3_ST_CR_FINISHED_A:
 		case SSL3_ST_CR_FINISHED_B:
 
+			s->s3->flags |= SSL3_FLAGS_CCS_OK;
 			ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
 				SSL3_ST_CR_FINISHED_B);
 			if (ret <= 0) goto end;
@@ -915,6 +916,7 @@ int ssl3_get_server_hello(SSL *s)
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
 		goto f_err;
 		}
+	    s->s3->flags |= SSL3_FLAGS_CCS_OK;
 	    s->hit=1;
 	    }
 	else	/* a miss or crap from the other end */
@@ -2510,6 +2512,13 @@ int ssl3_send_client_key_exchange(SSL *s)
 			int ecdh_clnt_cert = 0;
 			int field_size = 0;
 
+			if (s->session->sess_cert == NULL) 
+				{
+				ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+				SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
+				goto err;
+				}
+
 			/* Did we send out the client's
 			 * ECDH share for use in premaster
 			 * computation as part of client certificate?