diff options
| author | markus <> | 2003-11-11 21:21:30 +0000 |
|---|---|---|
| committer | markus <> | 2003-11-11 21:21:30 +0000 |
| commit | 9c1aa44a1eacea897c0432e796b205b8484ff4d2 (patch) | |
| tree | 5dcca7a2baa0fb63d6886729918ea26b68578561 /src/lib/libssl/s3_srvr.c | |
| parent | 1c98a87f0daac81245653c227eb2f2508a22a965 (diff) | |
| download | openbsd-9c1aa44a1eacea897c0432e796b205b8484ff4d2.tar.gz openbsd-9c1aa44a1eacea897c0432e796b205b8484ff4d2.tar.bz2 openbsd-9c1aa44a1eacea897c0432e796b205b8484ff4d2.zip | |
import 0.9.7c
Diffstat (limited to 'src/lib/libssl/s3_srvr.c')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 58cf774967..881f68b998 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -431,10 +431,11 @@ int ssl3_accept(SSL *s) | |||
| 431 | if (ret == 2) | 431 | if (ret == 2) |
| 432 | s->state = SSL3_ST_SR_CLNT_HELLO_C; | 432 | s->state = SSL3_ST_SR_CLNT_HELLO_C; |
| 433 | else { | 433 | else { |
| 434 | /* could be sent for a DH cert, even if we | 434 | if (s->s3->tmp.cert_request) |
| 435 | * have not asked for it :-) */ | 435 | { |
| 436 | ret=ssl3_get_client_certificate(s); | 436 | ret=ssl3_get_client_certificate(s); |
| 437 | if (ret <= 0) goto end; | 437 | if (ret <= 0) goto end; |
| 438 | } | ||
| 438 | s->init_num=0; | 439 | s->init_num=0; |
| 439 | s->state=SSL3_ST_SR_KEY_EXCH_A; | 440 | s->state=SSL3_ST_SR_KEY_EXCH_A; |
| 440 | } | 441 | } |
| @@ -844,6 +845,9 @@ static int ssl3_get_client_hello(SSL *s) | |||
| 844 | } | 845 | } |
| 845 | 846 | ||
| 846 | /* TLS does not mind if there is extra stuff */ | 847 | /* TLS does not mind if there is extra stuff */ |
| 848 | #if 0 /* SSL 3.0 does not mind either, so we should disable this test | ||
| 849 | * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b, | ||
| 850 | * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */ | ||
| 847 | if (s->version == SSL3_VERSION) | 851 | if (s->version == SSL3_VERSION) |
| 848 | { | 852 | { |
| 849 | if (p < (d+n)) | 853 | if (p < (d+n)) |
| @@ -855,6 +859,7 @@ static int ssl3_get_client_hello(SSL *s) | |||
| 855 | goto f_err; | 859 | goto f_err; |
| 856 | } | 860 | } |
| 857 | } | 861 | } |
| 862 | #endif | ||
| 858 | 863 | ||
| 859 | /* Given s->session->ciphers and SSL_get_ciphers, we must | 864 | /* Given s->session->ciphers and SSL_get_ciphers, we must |
| 860 | * pick a cipher */ | 865 | * pick a cipher */ |
| @@ -1352,6 +1357,7 @@ static int ssl3_send_certificate_request(SSL *s) | |||
| 1352 | s->init_num += 4; | 1357 | s->init_num += 4; |
| 1353 | #endif | 1358 | #endif |
| 1354 | 1359 | ||
| 1360 | s->state = SSL3_ST_SW_CERT_REQ_B; | ||
| 1355 | } | 1361 | } |
| 1356 | 1362 | ||
| 1357 | /* SSL3_ST_SW_CERT_REQ_B */ | 1363 | /* SSL3_ST_SW_CERT_REQ_B */ |