Switched to openssl-0.9.8l

author: marha <marha@users.sourceforge.net> 2009-12-21 15:26:57 +0000
committer: marha <marha@users.sourceforge.net> 2009-12-21 15:26:57 +0000
commit: 0695dfb71ca6fe132d15a4d0890e8a868183adf9 (patch)
tree: 1803f38d893025a3dbfeafec7a56146e141c0772 /openssl/ssl/s3_pkt.c
parent: 1ee02cd0419021c3d4950af2619da39c6e9c47f0 (diff)
download: vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.gz
vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.bz2
vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/openssl/ssl/s3_pkt.c b/openssl/ssl/s3_pkt.c
index 9476dcddf..b98b84044 100644
--- a/openssl/ssl/s3_pkt.c
+++ b/openssl/ssl/s3_pkt.c
@@ -985,6 +985,7 @@ start:
 
 		if (SSL_is_init_finished(s) &&
 			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+			(s->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) &&
 			!s->s3->renegotiate)
 			{
 			ssl3_renegotiate(s);
@@ -1117,7 +1118,8 @@ start:
 	if ((s->s3->handshake_fragment_len >= 4) &&	!s->in_handshake)
 		{
 		if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
-			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+			!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+			(s->s3->flags & SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
 			{
 #if 0 /* worked only because C operator preferences are not as expected (and
        * because this is not really needed for clients except for detecting
author	marha <marha@users.sourceforge.net>	2009-12-21 15:26:57 +0000
committer	marha <marha@users.sourceforge.net>	2009-12-21 15:26:57 +0000
commit	0695dfb71ca6fe132d15a4d0890e8a868183adf9 (patch)
tree	1803f38d893025a3dbfeafec7a56146e141c0772 /openssl/ssl/s3_pkt.c
parent	1ee02cd0419021c3d4950af2619da39c6e9c47f0 (diff)
download	vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.gz vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.tar.bz2 vcxsrv-0695dfb71ca6fe132d15a4d0890e8a868183adf9.zip