X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_hs_server.t0;h=7f5fe85155bbbdcaa6f4032cf2aafc37650ba167;hp=862e0fbfbfb761e6ba298df15dee4228be0526e5;hb=b42bd5972f935ffc32019acac6f8a07ae08ae9c2;hpb=e61ad42191511226309bad2cbde8cd9e8cc743cb

diff --git a/src/ssl/ssl_hs_server.t0 b/src/ssl/ssl_hs_server.t0
index 862e0fb..7f5fe85 100644
--- a/src/ssl/ssl_hs_server.t0
+++ b/src/ssl/ssl_hs_server.t0
@@ -585,7 +585,7 @@ cc: save-session ( -- ) {
 	check-resume { resume }
 
 	\ Cipher suites. We read all cipher suites from client, each time
-	\ matching against our own list. We accumulare suites in the
+	\ matching against our own list. We accumulate suites in the
 	\ client_suites[] context buffer: we keep suites that are
 	\ supported by both the client and the server (so the list size
 	\ cannot exceed that of the server list), and we keep them in
@@ -772,7 +772,7 @@ cc: save-session ( -- ) {
 	\ In 'can-ecdhe', bit 12 is set if ECDHE_RSA is possible, bit 13 is
 	\ set if ECDHE_ECDSA is possible.
 	dup 0xFF and 0<> neg
-	swap 8 >> 0<> 2 and or { can-ecdhe }
+	swap 8 >> 0<> 2 and or 12 << { can-ecdhe }
 
 	\ Filter supported curves. If there is no common curve between
 	\ client and us, then ECDHE suites cannot be used. Note that we