make code a little more similar to what it looked like before the fixes,

call ssl2_part_read again to parse error message

make code a little more similar to what it looked like before the fixes,
call ssl2_part_read again to parse error message
2b90b1f3 · Bodo Möller · 65123f80 · 2b90b1f3 · 2b90b1f3 · 2b90b1f3
隐藏空白更改
内联并排

Showing with 24 addition and 10 deletion

CHANGES CHANGES +1 -1

ssl/s2_clnt.c ssl/s2_clnt.c +15 -6

ssl/s2_srvr.c ssl/s2_srvr.c +8 -3

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -115,7 +115,7 @@

  *) Change ssl/s2_clnt.c and ssl/s3_srvr.c so that received handshake
     messages are stored in a single piece (fixed-length part and
-     variable-length part) and fix various bugs found on the way.
+     variable-length part combined) and fix various bugs found on the way.
     [Bodo Moeller]

  *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert

--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -873,8 +873,8 @@ static int get_server_verify(SSL *s)
 	p=(unsigned char *)s->init_buf->data;
 	if (s->state == SSL2_ST_GET_SERVER_VERIFY_A)
 		{
-		i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-		if (i < (3-s->init_num)) 
+		i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+		if (i < (1-s->init_num)) 
 			return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
 		s->init_num += i;

@@ -888,8 +888,12 @@ static int get_server_verify(SSL *s)
 					SSL_R_READ_WRONG_PACKET_TYPE);
 				}
 			else
-				SSLerr(SSL_F_GET_SERVER_VERIFY,
-					SSL_R_PEER_ERROR);
+				{
+				SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR);
+				/* try to read the error message */
+				i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+				return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+				}
 			return(-1);
 			}
 		}
@@ -923,8 +927,8 @@ static int get_server_finished(SSL *s)
 	p=buf;
 	if (s->state == SSL2_ST_GET_SERVER_FINISHED_A)
 		{
-		i=ssl2_read(s,(char *)&(buf[s->init_num]),3-s->init_num);
-		if (i < (3-s->init_num))
+		i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num);
+		if (i < (1-s->init_num))
 			return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
 		s->init_num += i;

@@ -941,7 +945,12 @@ static int get_server_finished(SSL *s)
 				SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
 				}
 			else
+				{
 				SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
+				/* try to read the error message */
+				i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+				return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+				}
 			return(-1);
 			}
 		s->state=SSL2_ST_GET_SERVER_FINISHED_B;

--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -801,10 +801,10 @@ static int get_client_finished(SSL *s)
 	p=(unsigned char *)s->init_buf->data;
 	if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
 		{
-		i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-		if (i < 3-s->init_num)
+		i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+		if (i < 1-s->init_num)
 			return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
-		s->init_num = 3;
+		s->init_num += i;

 		if (*p != SSL2_MT_CLIENT_FINISHED)
 			{
@@ -814,7 +814,12 @@ static int get_client_finished(SSL *s)
 				SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
 				}
 			else
+				{
 				SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
+				/* try to read the error message */
+				i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+				return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+				}
 			return(-1);
 			}
 		s->state=SSL2_ST_GET_CLIENT_FINISHED_B;