summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s23_srvr.c
diff options
context:
space:
mode:
authorbeck <>2000-12-15 02:58:47 +0000
committerbeck <>2000-12-15 02:58:47 +0000
commit9200bb13d15da4b2a23e6bc92c20e95b74aa2113 (patch)
tree5c52d628ec1e34be76e7ef2a4235d248b7c44d24 /src/lib/libssl/s23_srvr.c
parente131d25072e3d4197ba4b9bcc0d1b27d34d6488d (diff)
downloadopenbsd-9200bb13d15da4b2a23e6bc92c20e95b74aa2113.tar.gz
openbsd-9200bb13d15da4b2a23e6bc92c20e95b74aa2113.tar.bz2
openbsd-9200bb13d15da4b2a23e6bc92c20e95b74aa2113.zip
openssl-engine-0.9.6 merge
Diffstat (limited to 'src/lib/libssl/s23_srvr.c')
-rw-r--r--src/lib/libssl/s23_srvr.c32
1 files changed, 20 insertions, 12 deletions
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c
index 6a3bbb10b9..050618235f 100644
--- a/src/lib/libssl/s23_srvr.c
+++ b/src/lib/libssl/s23_srvr.c
@@ -297,7 +297,7 @@ int ssl23_get_client_hello(SSL *s)
297 if (n <= 0) return(n); 297 if (n <= 0) return(n);
298 p=s->packet; 298 p=s->packet;
299 299
300 if ((buf=Malloc(n)) == NULL) 300 if ((buf=OPENSSL_malloc(n)) == NULL)
301 { 301 {
302 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); 302 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
303 goto err; 303 goto err;
@@ -348,16 +348,21 @@ int ssl23_get_client_hello(SSL *s)
348 * SSLv3 or tls1 header 348 * SSLv3 or tls1 header
349 */ 349 */
350 350
351 v[0]=p[1]; /* major version */ 351 v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */
352 /* We must look at client_version inside the Client Hello message 352 /* We must look at client_version inside the Client Hello message
353 * to get the correct minor version: */ 353 * to get the correct minor version.
354 v[1]=p[10]; 354 * However if we have only a pathologically small fragment of the
355 /* However if we have only a pathologically small fragment of the 355 * Client Hello message, this would be difficult, we'd have
356 * Client Hello message, we simply use the version from the 356 * to read at least one additional record to find out.
357 * record header -- this is incorrect but unlikely to fail in 357 * This doesn't usually happen in real life, so we just complain
358 * practice */ 358 * for now.
359 */
359 if (p[3] == 0 && p[4] < 6) 360 if (p[3] == 0 && p[4] < 6)
360 v[1]=p[2]; 361 {
362 SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL);
363 goto err;
364 }
365 v[1]=p[10]; /* minor version according to client_version */
361 if (v[1] >= TLS1_VERSION_MINOR) 366 if (v[1] >= TLS1_VERSION_MINOR)
362 { 367 {
363 if (!(s->options & SSL_OP_NO_TLSv1)) 368 if (!(s->options & SSL_OP_NO_TLSv1))
@@ -495,9 +500,12 @@ int ssl23_get_client_hello(SSL *s)
495 500
496 s->state=SSL2_ST_GET_CLIENT_HELLO_A; 501 s->state=SSL2_ST_GET_CLIENT_HELLO_A;
497 if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || 502 if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
498 use_sslv2_strong) 503 use_sslv2_strong ||
504 (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
499 s->s2->ssl2_rollback=0; 505 s->s2->ssl2_rollback=0;
500 else 506 else
507 /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
508 * (SSL 3.0 draft/RFC 2246, App. E.2) */
501 s->s2->ssl2_rollback=1; 509 s->s2->ssl2_rollback=1;
502 510
503 /* setup the n bytes we have read so we get them from 511 /* setup the n bytes we have read so we get them from
@@ -559,10 +567,10 @@ int ssl23_get_client_hello(SSL *s)
559 } 567 }
560 s->init_num=0; 568 s->init_num=0;
561 569
562 if (buf != buf_space) Free(buf); 570 if (buf != buf_space) OPENSSL_free(buf);
563 s->first_packet=1; 571 s->first_packet=1;
564 return(SSL_accept(s)); 572 return(SSL_accept(s));
565err: 573err:
566 if (buf != buf_space) Free(buf); 574 if (buf != buf_space) OPENSSL_free(buf);
567 return(-1); 575 return(-1);
568 } 576 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 08:21:21 +0000