Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
ddc38679
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
ddc38679
编写于
7月 21, 2003
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
tolerate extra data at end of client hello for SSL 3.0
PR: 659
上级
02e05594
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
21 addition
and
0 deletion
+21
-0
CHANGES
CHANGES
+17
-0
ssl/s3_srvr.c
ssl/s3_srvr.c
+4
-0
未找到文件。
CHANGES
浏览文件 @
ddc38679
...
...
@@ -537,6 +537,15 @@
Changes between 0.9.7b and 0.9.7c [xx XXX 2003]
*) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
extra data after the compression methods not only for TLS 1.0
but also for SSL 3.0 (as required by the specification).
[Bodo Moeller; problem pointed out by Matthias Loepfe]
*) Change X509_certificate_type() to mark the key as exported/exportable
when it's 512 *bits* long, not 512 bytes.
[Richard Levitte]
*) Change AES_cbc_encrypt() so it outputs exact multiple of
blocks during encryption.
[Richard Levitte]
...
...
@@ -671,6 +680,9 @@ yet to be integrated into this CVS branch:
Changes between 0.9.6h and 0.9.7 [31 Dec 2002]
[NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
OpenSSL 0.9.7.]
*) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
code (06) was taken as the first octet of the session ID and the last
octet was ignored consequently. As a result SSLv2 client side session
...
...
@@ -2491,6 +2503,11 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
Changes between 0.9.6j and 0.9.6k [xx XXX 2003]
*) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
extra data after the compression methods not only for TLS 1.0
but also for SSL 3.0 (as required by the specification).
[Bodo Moeller; problem pointed out by Matthias Loepfe]
*) Change X509_certificate_type() to mark the key as exported/exportable
when it's 512 *bits* long, not 512 bytes.
[Richard Levitte]
...
...
ssl/s3_srvr.c
浏览文件 @
ddc38679
...
...
@@ -883,6 +883,9 @@ static int ssl3_get_client_hello(SSL *s)
}
/* TLS does not mind if there is extra stuff */
#if 0 /* SSL 3.0 does not mind either, so we should disable this test
* (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
* in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
if (s->version == SSL3_VERSION)
{
if (p < (d+n))
...
...
@@ -894,6 +897,7 @@ static int ssl3_get_client_hello(SSL *s)
goto f_err;
}
}
#endif
/* Given s->session->ciphers and SSL_get_ciphers, we must
* pick a cipher */
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录