Thank you.
On 08/13/2014 01:39 PM, Kurt Roeckx via RT wrote: > On Tue, Aug 12, 2014 at 08:36:06PM +0200, Kurt Roeckx wrote: >> On Tue, Aug 12, 2014 at 08:22:38PM +0200, John Foley via RT wrote: >>> The first chunk in the s3_lib.c patch doesn't apply. But the second >>> chunk does (shown below). When applying this to 1.0.1 stable, it >>> appears to resolve the problem. >>> >>> @@ -4357,8 +4359,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, >>> STACK_OF(SSL_CIPHER) *clnt, >>> emask_k = cert->export_mask_k; >>> emask_a = cert->export_mask_a; >>> #ifndef OPENSSL_NO_SRP >>> - mask_k=cert->mask_k | s->srp_ctx.srp_Mask; >>> - emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask; >>> + if (s->srp_ctx.srp_Mask & SSL_kSRP) >>> + { >>> + mask_k |= SSL_kSRP; >>> + emask_k |= SSL_kSRP; >>> + mask_a |= SSL_aSRP; >>> + emask_a |= SSL_aSRP; >>> + } >>> #endif >>> >>> #ifdef KSSL_DEBUG >> I assumed you were talking about the 1.0.1i release and not the >> current git. When the mentioned commit got merged into the 1.0.1 >> branch the above part was somehow lost. It should get added to >> the 1.0.1 branch soon. > So this got fixed in commit > 03ebf85f7757c5da9f9d4fecb8ea1a1af18df46d, closing the ticket. > > > Kurt > > > . > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org