OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Bodo
Moeller
Root: /v/openssl/cvs Email: bodo openssl.org
Module: openssl Date:
29-Nov-2006 15:44:08
Branch: OpenSSL_0_9_7-stable Handle:
2006112914440601
Modified files: (Branch: OpenSSL_0_9_7-stable)
openssl CHANGES
openssl/ssl s23_clnt.c s23_srvr.c s3_pkt.c
s3_srvr.c
Log:
fix support for receiving fragmented handshake messages
Summary:
Revision Changes Path
1.977.2.185 +7 -0 openssl/CHANGES
1.20.2.11 +0 -1 openssl/ssl/s23_clnt.c
1.41.2.9 +0 -1 openssl/ssl/s23_srvr.c
1.46.2.8 +1 -5 openssl/ssl/s3_pkt.c
1.85.2.30 +2 -1 openssl/ssl/s3_srvr.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/CHANGES
============================================================
================
$ cvs diff -u -r1.977.2.184 -r1.977.2.185 CHANGES
--- openssl/CHANGES 21 Nov 2006 19:19:08 -0000 1.977.2.184
+++ openssl/CHANGES 29 Nov 2006 14:44:06 -0000 1.977.2.185
-4,6 +4,13
Changes between 0.9.7l and 0.9.7m [xx XXX xxxx]
+ *) Have SSL/TLS server implementation tolerate
"mismatched" record
+ protocol version while receiving ClientHello even if
the
+ ClientHello is fragmented. (The server can't insist
on the
+ particular protocol version it has chosen before the
ServerHello
+ message has informed the client about his choice.)
+ [Bodo Moeller]
+
*) Load error codes if they are not already present
instead of using a
static variable. This allows them to be cleanly
unloaded and reloaded.
[Steve Henson]
.
patch -p0 <<' .'
Index: openssl/ssl/s23_clnt.c
============================================================
================
$ cvs diff -u -r1.20.2.10 -r1.20.2.11 s23_clnt.c
--- openssl/ssl/s23_clnt.c 30 Jan 2006 13:49:59
-0000 1.20.2.10
+++ openssl/ssl/s23_clnt.c 29 Nov 2006 14:44:07
-0000 1.20.2.11
-608,7 +608,6
if (!ssl_get_new_session(s,0))
goto err;
- s->first_packet=1;
return(SSL_connect(s));
err:
return(-1);
.
patch -p0 <<' .'
Index: openssl/ssl/s23_srvr.c
============================================================
================
$ cvs diff -u -r1.41.2.8 -r1.41.2.9 s23_srvr.c
--- openssl/ssl/s23_srvr.c 30 Jan 2006 13:49:59
-0000 1.41.2.8
+++ openssl/ssl/s23_srvr.c 29 Nov 2006 14:44:07
-0000 1.41.2.9
-592,7 +592,6
s->init_num=0;
if (buf != buf_space) OPENSSL_free(buf);
- s->first_packet=1;
return(SSL_accept(s));
err:
if (buf != buf_space) OPENSSL_free(buf);
.
patch -p0 <<' .'
Index: openssl/ssl/s3_pkt.c
============================================================
================
$ cvs diff -u -r1.46.2.7 -r1.46.2.8 s3_pkt.c
--- openssl/ssl/s3_pkt.c 15 May 2004 17:46:50
-0000 1.46.2.7
+++ openssl/ssl/s3_pkt.c 29 Nov 2006 14:44:07
-0000 1.46.2.8
-275,11 +275,7
n2s(p,rr->length);
/* Lets check version */
- if (s->first_packet)
- {
- s->first_packet=0;
- }
- else
+ if (!s->first_packet)
{
if (version != s->version)
{
.
patch -p0 <<' .'
Index: openssl/ssl/s3_srvr.c
============================================================
================
$ cvs diff -u -r1.85.2.29 -r1.85.2.30 s3_srvr.c
--- openssl/ssl/s3_srvr.c 28 Sep 2006 11:53:51
-0000 1.85.2.29
+++ openssl/ssl/s3_srvr.c 29 Nov 2006 14:44:07
-0000 1.85.2.30
-662,9 +662,9
*/
if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
{
- s->first_packet=1;
s->state=SSL3_ST_SR_CLNT_HELLO_B;
}
+ s->first_packet=1;
n=ssl3_get_message(s,
SSL3_ST_SR_CLNT_HELLO_B,
SSL3_ST_SR_CLNT_HELLO_C,
-673,6 +673,7
&ok);
if (!ok) return((int)n);
+ s->first_packet=0;
d=p=(unsigned char *)s->init_msg;
/* use version from inside client hello, not from record
header
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|