OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Bodo
Moeller
Root: /v/openssl/cvs Email: bodo openssl.org
Module: openssl Date:
29-Nov-2006 15:45:15
Branch: OpenSSL_0_9_8-stable Handle:
2006112914451004
Modified files: (Branch: OpenSSL_0_9_8-stable)
openssl CHANGES
openssl/ssl d1_pkt.c s23_clnt.c s23_srvr.c
s3_pkt.c s3_srvr.c
Log:
fix support for receiving fragmented handshake messages
Summary:
Revision Changes Path
1.1238.2.54 +20 -0 openssl/CHANGES
1.4.2.5 +1 -5 openssl/ssl/d1_pkt.c
1.28.2.3 +0 -1 openssl/ssl/s23_clnt.c
1.46.2.4 +0 -1 openssl/ssl/s23_srvr.c
1.57.2.2 +1 -5 openssl/ssl/s3_pkt.c
1.126.2.10 +2 -1 openssl/ssl/s3_srvr.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/CHANGES
============================================================
================
$ cvs diff -u -r1.1238.2.53 -r1.1238.2.54 CHANGES
--- openssl/CHANGES 27 Nov 2006 13:36:51 -0000 1.1238.2.53
+++ openssl/CHANGES 29 Nov 2006 14:45:10 -0000 1.1238.2.54
-4,6 +4,13
Changes between 0.9.8d and 0.9.8e [XX xxx XXXX]
+ *) Have SSL/TLS server implementation tolerate
"mismatched" record
+ protocol version while receiving ClientHello even if
the
+ ClientHello is fragmented. (The server can't insist
on the
+ particular protocol version it has chosen before the
ServerHello
+ message has informed the client about his choice.)
+ [Bodo Moeller]
+
*) Add RFC 3779 support.
[Rob Austein for ARIN, Ben Laurie]
-1016,6 +1023,19
differing sizes.
[Richard Levitte]
+ Changes between 0.9.7l and 0.9.7m [xx XXX xxxx]
+
+ *) Have SSL/TLS server implementation tolerate
"mismatched" record
+ protocol version while receiving ClientHello even if
the
+ ClientHello is fragmented. (The server can't insist
on the
+ particular protocol version it has chosen before the
ServerHello
+ message has informed the client about his choice.)
+ [Bodo Moeller]
+
+ *) Load error codes if they are not already present
instead of using a
+ static variable. This allows them to be cleanly
unloaded and reloaded.
+ [Steve Henson]
+
Changes between 0.9.7k and 0.9.7l [28 Sep 2006]
*) Introduce limits to prevent malicious keys being
able to
.
patch -p0 <<' .'
Index: openssl/ssl/d1_pkt.c
============================================================
================
$ cvs diff -u -r1.4.2.4 -r1.4.2.5 d1_pkt.c
--- openssl/ssl/d1_pkt.c 23 Sep 2006 17:30:25
-0000 1.4.2.4
+++ openssl/ssl/d1_pkt.c 29 Nov 2006 14:45:13
-0000 1.4.2.5
-533,11 +533,7
n2s(p,rr->length);
/* Lets check version */
- if (s->first_packet)
- {
- s->first_packet=0;
- }
- else
+ if (!s->first_packet)
{
if (version != s->version)
{
.
patch -p0 <<' .'
Index: openssl/ssl/s23_clnt.c
============================================================
================
$ cvs diff -u -r1.28.2.2 -r1.28.2.3 s23_clnt.c
--- openssl/ssl/s23_clnt.c 5 Dec 2005 17:32:19
-0000 1.28.2.2
+++ openssl/ssl/s23_clnt.c 29 Nov 2006 14:45:13
-0000 1.28.2.3
-574,7 +574,6
if (!ssl_get_new_session(s,0))
goto err;
- s->first_packet=1;
return(SSL_connect(s));
err:
return(-1);
.
patch -p0 <<' .'
Index: openssl/ssl/s23_srvr.c
============================================================
================
$ cvs diff -u -r1.46.2.3 -r1.46.2.4 s23_srvr.c
--- openssl/ssl/s23_srvr.c 5 Dec 2005 17:32:19
-0000 1.46.2.3
+++ openssl/ssl/s23_srvr.c 29 Nov 2006 14:45:14
-0000 1.46.2.4
-565,7 +565,6
s->init_num=0;
if (buf != buf_space) OPENSSL_free(buf);
- s->first_packet=1;
return(SSL_accept(s));
err:
if (buf != buf_space) OPENSSL_free(buf);
.
patch -p0 <<' .'
Index: openssl/ssl/s3_pkt.c
============================================================
================
$ cvs diff -u -r1.57.2.1 -r1.57.2.2 s3_pkt.c
--- openssl/ssl/s3_pkt.c 30 Sep 2005 23:38:20
-0000 1.57.2.1
+++ openssl/ssl/s3_pkt.c 29 Nov 2006 14:45:14
-0000 1.57.2.2
-277,11 +277,7
n2s(p,rr->length);
/* Lets check version */
- if (s->first_packet)
- {
- s->first_packet=0;
- }
- else
+ if (!s->first_packet)
{
if (version != s->version)
{
.
patch -p0 <<' .'
Index: openssl/ssl/s3_srvr.c
============================================================
================
$ cvs diff -u -r1.126.2.9 -r1.126.2.10 s3_srvr.c
--- openssl/ssl/s3_srvr.c 28 Sep 2006 12:23:15
-0000 1.126.2.9
+++ openssl/ssl/s3_srvr.c 29 Nov 2006 14:45:14
-0000 1.126.2.10
-680,9 +680,9
*/
if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
{
- s->first_packet=1;
s->state=SSL3_ST_SR_CLNT_HELLO_B;
}
+ s->first_packet=1;
n=s->method->ssl_get_message(s,
SSL3_ST_SR_CLNT_HELLO_B,
SSL3_ST_SR_CLNT_HELLO_C,
-691,6 +691,7
&ok);
if (!ok) return((int)n);
+ s->first_packet=0;
d=p=(unsigned char *)s->init_msg;
/* use version from inside client hello, not from record
header
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|