Index: lib/ssl/ssl3con.c |
=================================================================== |
--- a/lib/ssl/ssl3con.c |
+++ b/lib/ssl/ssl3con.c |
@@ -830,19 +830,19 @@ ssl_LookupCipherSuiteCfg(ssl3CipherSuite |
PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE); |
return NULL; |
} |
static PRBool |
ssl_NamedGroupTypeEnabled(const sslSocket *ss, NamedGroupType groupType) |
{ |
unsigned int i; |
- for (i = 0; i < ssl_named_group_count; ++i) { |
- if (ssl_named_groups[i].type == groupType && |
- ssl_NamedGroupEnabled(ss, &ssl_named_groups[i])) { |
+ for (i = 0; i < ss->namedGroupPreferenceCount; ++i) { |
+ if (ss->namedGroupPreferences[i].type == groupType && |
+ ssl_NamedGroupEnabled(ss, &ss->namedGroupPreferences[i])) { |
return PR_TRUE; |
} |
} |
return PR_FALSE; |
} |
static PRBool |
ssl_KEAEnabled(const sslSocket *ss, SSLKEAType keaType) |
@@ -12550,17 +12550,19 @@ ssl3_FillInCachedSID(sslSocket *ss, sslS |
ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 ? ss->ssl3.hs.origCipherSuite : ss->ssl3.hs.cipher_suite; |
sid->u.ssl3.compression = ss->ssl3.hs.compression; |
sid->u.ssl3.policy = ss->ssl3.policy; |
sid->version = ss->version; |
sid->authType = ss->sec.authType; |
sid->authKeyBits = ss->sec.authKeyBits; |
sid->keaType = ss->sec.keaType; |
sid->keaKeyBits = ss->sec.keaKeyBits; |
- sid->namedGroups = ss->namedGroups; |
+ sid->namedGroupPreferenceCount = ss->namedGroupPreferenceCount; |
+ PORT_Memcpy(sid->namedGroupPreferences, ss->namedGroupPreferences, |
+ ss->namedGroupPreferenceCount * sizeof(namedGroupDef)); |
sid->lastAccessTime = sid->creationTime = ssl_Time(); |
sid->expirationTime = sid->creationTime + ssl3_sid_timeout; |
sid->localCert = CERT_DupCertificate(ss->sec.localCert); |
if (ss->sec.isServer) { |
memcpy(&sid->certType, &ss->sec.serverCert->certType, sizeof(sid->certType)); |
} else { |
sid->certType.authType = ssl_auth_null; |
} |