use the correct algorithm mask. reported by satish lvr via

http://marc.info/?l=openssl-dev&m=139779977532459&w=2
ok miod

diff --git a/lib/libssl/src/ssl/t1_enc.c b/lib/libssl/src/ssl/t1_enc.c
index ac503f5..2480fec 100644 (file)
--- a/lib/libssl/src/ssl/t1_enc.c
+++ b/lib/libssl/src/ssl/t1_enc.c
@@ -1124,7 +1124,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
            TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
                goto err1;
 
-       rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+       rv = tls1_PRF(ssl_get_algorithm2(s),
            val, vallen, NULL, 0, NULL, 0, NULL, 0, NULL, 0,
            s->session->master_key, s->session->master_key_length,
            out, buff, olen);

diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index ac503f5..2480fec 100644 (file)
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1124,7 +1124,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
            TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
                goto err1;
 
-       rv = tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
+       rv = tls1_PRF(ssl_get_algorithm2(s),
            val, vallen, NULL, 0, NULL, 0, NULL, 0, NULL, 0,
            s->session->master_key, s->session->master_key_length,
            out, buff, olen);