From a33de30073bfa0ee1abba186dba9fa52cf0aa23a Mon Sep 17 00:00:00 2001
From: marha <marha@users.sourceforge.net>
Date: Fri, 15 Jun 2012 14:04:46 +0200
Subject: Updated to following packages: freetype-2.4.10 libXaw-1.0.11
 openssl-1.0.1c

---
 openssl/ssl/s3_clnt.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'openssl/ssl/s3_clnt.c')

diff --git a/openssl/ssl/s3_clnt.c b/openssl/ssl/s3_clnt.c
index 4511a914a..b80d052e1 100644
--- a/openssl/ssl/s3_clnt.c
+++ b/openssl/ssl/s3_clnt.c
@@ -755,6 +755,15 @@ int ssl3_client_hello(SSL *s)
 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
 			goto err;
 			}
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+			/* Some servers hang if client hello > 256 bytes
+			 * as hack workaround chop number of supported ciphers
+			 * to keep it well below this if we use TLS v1.2
+			 */
+			if (TLS1_get_version(s) >= TLS1_2_VERSION
+				&& i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+				i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
 		s2n(i,p);
 		p+=i;
 
-- 
cgit v1.2.3