From 6acf476eb6fd1fb0ff19f17d26c54eab5a7aedff Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@chromium.org>
Date: Fri, 20 Jun 2014 12:00:00 -0700
Subject: [PATCH] Make tls_session_secret_cb work with CVE-2014-0224 fix.

If application uses tls_session_secret_cb for session resumption set the
CCS_OK flag.

(Imported from upstream's a21f350a76b34b66dcaf9c1676baec945f32e980)
---
 ssl/s3_clnt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index de7b9a42..96b76476 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1036,6 +1036,7 @@ int ssl3_get_server_hello(SSL *s)
 			{
 			s->session->cipher = pref_cipher ?
 				pref_cipher : ssl_get_cipher_by_char(s, p+j);
+	    		s->s3->flags |= SSL3_FLAGS_CCS_OK;
 			}
 		}
 #endif /* OPENSSL_NO_TLSEXT */