tolerate extra data at end of client hello for SSL 3.0
PR: 659
This commit is contained in:
Bodo Möller
parent
2f4335ec2b
commit
5cc2658cff
2 changed files with 21 additions and 0 deletions
17
CHANGES
17
CHANGES
|
|
@ -4,6 +4,15 @@
|
|||
|
||||
Changes between 0.9.7b and 0.9.7c [xx XXX 2003]
|
||||
|
||||
*) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
|
||||
extra data after the compression methods not only for TLS 1.0
|
||||
but also for SSL 3.0 (as required by the specification).
|
||||
[Bodo Moeller; problem pointed out by Matthias Loepfe]
|
||||
|
||||
*) Change X509_certificate_type() to mark the key as exported/exportable
|
||||
when it's 512 *bits* long, not 512 bytes.
|
||||
[Richard Levitte]
|
||||
|
||||
*) Change AES_cbc_encrypt() so it outputs exact multiple of
|
||||
blocks during encryption.
|
||||
[Richard Levitte]
|
||||
|
|
@ -141,6 +150,9 @@
|
|||
|
||||
Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
|
||||
|
||||
[NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
|
||||
OpenSSL 0.9.7.]
|
||||
|
||||
*) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
|
||||
code (06) was taken as the first octet of the session ID and the last
|
||||
octet was ignored consequently. As a result SSLv2 client side session
|
||||
|
|
@ -1961,6 +1973,11 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
|
|||
|
||||
Changes between 0.9.6j and 0.9.6k [xx XXX 2003]
|
||||
|
||||
*) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
|
||||
extra data after the compression methods not only for TLS 1.0
|
||||
but also for SSL 3.0 (as required by the specification).
|
||||
[Bodo Moeller; problem pointed out by Matthias Loepfe]
|
||||
|
||||
*) Change X509_certificate_type() to mark the key as exported/exportable
|
||||
when it's 512 *bits* long, not 512 bytes.
|
||||
[Richard Levitte]
|
||||
|
|
|
|||
|
|
@ -844,6 +844,9 @@ static int ssl3_get_client_hello(SSL *s)
|
|||
}
|
||||
|
||||
/* TLS does not mind if there is extra stuff */
|
||||
#if 0 /* SSL 3.0 does not mind either, so we should disable this test
|
||||
* (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
|
||||
* in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
|
||||
if (s->version == SSL3_VERSION)
|
||||
{
|
||||
if (p < (d+n))
|
||||
|
|
@ -855,6 +858,7 @@ static int ssl3_get_client_hello(SSL *s)
|
|||
goto f_err;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Given s->session->ciphers and SSL_get_ciphers, we must
|
||||
* pick a cipher */
|
||||
|
|
|
|||
Loading…
Reference in a new issue