Set TLS v1.2 disabled mask properly.

commit: 226751ae4a1f3e00021c43399d7bb51a99c22c17 [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Sun Sep 08 00:09:39 2013 +0100
committer: Dr. Stephen Henson <steve@openssl.org> Sun Sep 08 00:09:39 2013 +0100
tree: 47a66891f45c240488e3937621194458ed0ba9e6
parent: 1769dfab06dcf93a1c310ca7ea9531afcc448d0a [diff] [blame]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 5ceb624..24c180c 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -1073,6 +1073,11 @@
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
 		goto f_err;
 		}
+	/* Set version disabled mask now we know version */
+	if (!SSL_USE_TLS1_2_CIPHERS(s))
+		ct->mask_ssl = SSL_TLSV1_2;
+	else
+		ct->mask_ssl = 0;
 	/* If it is a disabled cipher we didn't send it in client hello,
 	 * so return an error.
 	 */
commit	226751ae4a1f3e00021c43399d7bb51a99c22c17	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Sun Sep 08 00:09:39 2013 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	Sun Sep 08 00:09:39 2013 +0100
tree	47a66891f45c240488e3937621194458ed0ba9e6
parent	1769dfab06dcf93a1c310ca7ea9531afcc448d0a [diff] [blame]