From 59c28a2723a8d15e0e48cb841c4022fabc64039e Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Sat, 29 Jun 2013 15:33:42 +0200
Subject: [PATCH] SSL v2 handshake should also handle dynamic ciphersuites

---
 library/ssl_srv.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 61a155c34c..f053ba28a8 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -272,6 +272,7 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl )
     unsigned int ciph_len, sess_len, chal_len;
     unsigned char *buf, *p;
     const int *ciphersuites;
+    const ssl_ciphersuite_t *ciphersuite_info;
 
     SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) );
 
@@ -439,11 +440,22 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl )
         {
             // Only allow non-ECC ciphersuites as we do not have extensions
             //
-            if( p[0] == 0 &&
-                p[1] == 0 &&
+            if( p[0] == 0 && p[1] == 0 &&
                 ( ( ciphersuites[i] >> 8 ) & 0xFF ) == 0 &&
                 p[2] == ( ciphersuites[i] & 0xFF ) )
+            {
+                ciphersuite_info = ssl_ciphersuite_from_id( ciphersuites[i] );
+
+                if( ciphersuite_info == NULL )
+                {
+                    SSL_DEBUG_MSG( 1, ( "ciphersuite info for %02x not found",
+                                   ciphersuites[i] ) );
+                    return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+                }
+
+
                 goto have_ciphersuite_v2;
+            }
         }
     }
 
@@ -453,6 +465,7 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl )
 
 have_ciphersuite_v2:
     ssl->session_negotiate->ciphersuite = ciphersuites[i];
+    ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
     ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info );
 
     /*