提交 90a52cec 编写于 作者: R Ralf S. Engelschall

Fix the cipher decision scheme for export ciphers: the export bits are *not*

within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within SSL_EXP_MASK.  So, the
original variable has to be used instead of the already masked variable.

Submitted by: Richard Levitte <levitte@stacken.kth.se>
Reviewed by: Ralf S. Engelschall
上级 def9f431
......@@ -5,6 +5,12 @@
Changes between 0.9.1c and 0.9.2
*) Fix the cipher decision scheme for export ciphers: the export bits are
*not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
SSL_EXP_MASK. So, the original variable has to be used instead of the
already masked variable.
[Richard Levitte <levitte@stacken.kth.se>]
*) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
[Richard Levitte <levitte@stacken.kth.se>]
......
......@@ -771,11 +771,11 @@ STACK *have,*pref;
emask=cert->export_mask;
alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
if (SSL_IS_EXPORT(alg))
if (SSL_IS_EXPORT(c->algorithms))
{
ok=((alg & emask) == alg)?1:0;
#ifdef CIPHER_DEBUG
printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name);
printf("%d:[%08lX:%08lX]%s (export)\n",ok,alg,mask,c->name);
#endif
}
else
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册