Using the client one when the server once should be used could cause a
later call to SSL_set_accept_state() to unexpectedly fail.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23256)
for (vent = table;
vent->version != 0 && ssl_version_cmp(s, version, vent->version) <= 0;
++vent) {
- if (vent->cmeth != NULL
+ const SSL_METHOD *(*thismeth)(void) = s->server ? vent->smeth
+ : vent->cmeth;
+
+ if (thismeth != NULL
&& ssl_version_cmp(s, version, vent->version) == 0
- && ssl_method_error(s, vent->cmeth()) == 0
+ && ssl_method_error(s, thismeth()) == 0
&& (!s->server
|| version != TLS1_3_VERSION
|| is_tls13_capable(s))) {
if (meth != NULL)
- *meth = vent->cmeth();
+ *meth = thismeth();
return 1;
}
}