From 0b23299525121a3f9f519118979f4e0d35039897 Mon Sep 17 00:00:00 2001 From: Philip Guenther Date: Thu, 7 Aug 2014 22:27:29 +0000 Subject: Correct test reversed during merge of fix for CVE-2014-3509 pointed out by Watson Ladd (watson (at) matasano.com) ok deraadt@ --- lib/libssl/src/ssl/t1_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libssl/src/ssl/t1_lib.c b/lib/libssl/src/ssl/t1_lib.c index eebe6897ef6..c25f10bfabb 100644 --- a/lib/libssl/src/ssl/t1_lib.c +++ b/lib/libssl/src/ssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.53 2014/08/06 23:16:16 deraadt Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.54 2014/08/07 22:27:28 guenther Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1339,7 +1339,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, *al = TLS1_AD_DECODE_ERROR; return 0; } - if (s->hit) { + if (!s->hit) { free(s->session->tlsext_ecpointformatlist); s->session->tlsext_ecpointformatlist_length = 0; -- cgit v1.2.3