From f56541b06bf16744123580dc007447da9ea76110 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 27 Sep 2017 13:25:02 +0200
Subject: cmp_hsk_types: fixed check for SSLv2 hello

Previously, if SSLv2 hello support was disabled, the check for
the expected TLS message was incorrect.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/buffers.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/buffers.c b/lib/buffers.c
index 1c1e5531fd..414ea50307 100644
--- a/lib/buffers.c
+++ b/lib/buffers.c
@@ -1074,12 +1074,12 @@ static int merge_handshake_packet(gnutls_session_t session,
 inline static int cmp_hsk_types(gnutls_handshake_description_t expected,
 				gnutls_handshake_description_t recvd)
 {
-	if ((expected != GNUTLS_HANDSHAKE_CLIENT_HELLO
 #ifdef ENABLE_SSL2
-	     || recvd != GNUTLS_HANDSHAKE_CLIENT_HELLO_V2
+	if (expected == GNUTLS_HANDSHAKE_CLIENT_HELLO
+	     && recvd == GNUTLS_HANDSHAKE_CLIENT_HELLO_V2)
+		return 1;
 #endif
-	     )
-	    && (expected != recvd))
+	if (expected != recvd)
 		return 0;
 
 	return 1;
-- 
cgit v1.2.1