From ca954d7feca8d9a8cc754ef2a2bfba14ef5428da Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 13 Sep 2018 17:17:22 +0100 Subject: [PATCH] Check returncode from SSL_CTX_set_cipher_list() --- src/src/tls-openssl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 53a967a19..0cf66279a 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -1248,8 +1248,10 @@ if ( !init_dh(server_sni, cbinfo->dhparam, NULL, &dummy_errstr) ) return SSL_TLSEXT_ERR_NOACK; -if (cbinfo->server_cipher_list) - SSL_CTX_set_cipher_list(server_sni, CS cbinfo->server_cipher_list); +if ( cbinfo->server_cipher_list + && !SSL_CTX_set_cipher_list(server_sni, CS cbinfo->server_cipher_list)) + return SSL_TLSEXT_ERR_NOACK; + #ifndef DISABLE_OCSP if (cbinfo->u_ocsp.server.file) { -- 2.25.1