提交 cb0369d8 编写于 作者: B Bodo Möller

Repair another bug in s23_get_client_hello:

tls1 did not survive to restarts, so get rid of it.
上级 778f1092
...@@ -191,7 +191,7 @@ int ssl23_get_client_hello(SSL *s) ...@@ -191,7 +191,7 @@ int ssl23_get_client_hello(SSL *s)
unsigned char *p,*d,*dd; unsigned char *p,*d,*dd;
unsigned int i; unsigned int i;
unsigned int csl,sil,cl; unsigned int csl,sil,cl;
int n=0,j,tls1=0; int n=0,j;
int type=0,use_sslv2_strong=0; int type=0,use_sslv2_strong=0;
int v[2]; int v[2];
...@@ -229,12 +229,13 @@ int ssl23_get_client_hello(SSL *s) ...@@ -229,12 +229,13 @@ int ssl23_get_client_hello(SSL *s)
{ {
if (!(s->options & SSL_OP_NO_TLSv1)) if (!(s->options & SSL_OP_NO_TLSv1))
{ {
tls1=1; s->version=TLS1_VERSION;
/* type=2; */ /* done later to survive restarts */ /* type=2; */ /* done later to survive restarts */
s->state=SSL23_ST_SR_CLNT_HELLO_B; s->state=SSL23_ST_SR_CLNT_HELLO_B;
} }
else if (!(s->options & SSL_OP_NO_SSLv3)) else if (!(s->options & SSL_OP_NO_SSLv3))
{ {
s->version=SSL3_VERSION;
/* type=2; */ /* type=2; */
s->state=SSL23_ST_SR_CLNT_HELLO_B; s->state=SSL23_ST_SR_CLNT_HELLO_B;
} }
...@@ -245,6 +246,7 @@ int ssl23_get_client_hello(SSL *s) ...@@ -245,6 +246,7 @@ int ssl23_get_client_hello(SSL *s)
} }
else if (!(s->options & SSL_OP_NO_SSLv3)) else if (!(s->options & SSL_OP_NO_SSLv3))
{ {
s->version=SSL3_VERSION;
/* type=2; */ /* type=2; */
s->state=SSL23_ST_SR_CLNT_HELLO_B; s->state=SSL23_ST_SR_CLNT_HELLO_B;
} }
...@@ -329,12 +331,15 @@ int ssl23_get_client_hello(SSL *s) ...@@ -329,12 +331,15 @@ int ssl23_get_client_hello(SSL *s)
{ {
if (!(s->options & SSL_OP_NO_TLSv1)) if (!(s->options & SSL_OP_NO_TLSv1))
{ {
s->version=TLS1_VERSION;
type=3; type=3;
tls1=1;
} }
else if (!(s->options & SSL_OP_NO_SSLv3)) else if (!(s->options & SSL_OP_NO_SSLv3))
{
s->version=SSL3_VERSION;
type=3; type=3;
} }
}
else if (!(s->options & SSL_OP_NO_SSLv3)) else if (!(s->options & SSL_OP_NO_SSLv3))
type=3; type=3;
} }
...@@ -356,12 +361,14 @@ int ssl23_get_client_hello(SSL *s) ...@@ -356,12 +361,14 @@ int ssl23_get_client_hello(SSL *s)
next_bit: next_bit:
if (s->state == SSL23_ST_SR_CLNT_HELLO_B) if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
{ {
/* we have a SSLv3/TLSv1 in a SSLv2 header /* we have SSLv3/TLSv1 in an SSLv2 header
* (other cases skip this state)* */ * (other cases skip this state) */
type=2; type=2;
p=s->packet; p=s->packet;
v[0] = p[3]; v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
v[1] = p[4]; v[1] = p[4];
n=((p[0]&0x7f)<<8)|p[1]; n=((p[0]&0x7f)<<8)|p[1];
if (n > (1024*4)) if (n > (1024*4))
{ {
...@@ -386,11 +393,8 @@ next_bit: ...@@ -386,11 +393,8 @@ next_bit:
goto err; goto err;
} }
*(d++)=SSL3_VERSION_MAJOR; *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
if (tls1) *(d++) = v[1];
*(d++)=TLS1_VERSION_MINOR;
else
*(d++)=SSL3_VERSION_MINOR;
/* lets populate the random area */ /* lets populate the random area */
/* get the chalenge_length */ /* get the chalenge_length */
...@@ -499,16 +503,10 @@ next_bit: ...@@ -499,16 +503,10 @@ next_bit:
s->s3->rbuf.offset=0; s->s3->rbuf.offset=0;
} }
if (tls1) if (s->version == TLS1_VERSION)
{ s->method = TLSv1_server_method();
s->version=TLS1_VERSION;
s->method=TLSv1_server_method();
}
else else
{ s->method = SSLv3_server_method();
s->version=SSL3_VERSION;
s->method=SSLv3_server_method();
}
#if 0 /* ssl3_get_client_hello does this */ #if 0 /* ssl3_get_client_hello does this */
s->client_version=(v[0]<<8)|v[1]; s->client_version=(v[0]<<8)|v[1];
#endif #endif
...@@ -530,4 +528,3 @@ err: ...@@ -530,4 +528,3 @@ err:
if (buf != buf_space) Free(buf); if (buf != buf_space) Free(buf);
return(-1); return(-1);
} }
...@@ -727,7 +727,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count) ...@@ -727,7 +727,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count)
num = INT_MAX; num = INT_MAX;
if (num > 1) if (num > 1)
--num; /* for testing restartability even more thoroughly */ --num; /* test restartability even more thoroughly */
r = BIO_nwrite(io1, &dataptr, (int)num); r = BIO_nwrite(io1, &dataptr, (int)num);
assert(r > 0); assert(r > 0);
......
...@@ -64,7 +64,7 @@ echo test sslv2/sslv3 via BIO pair ...@@ -64,7 +64,7 @@ echo test sslv2/sslv3 via BIO pair
./ssltest || exit 1 ./ssltest || exit 1
echo test sslv2/sslv3 w/o DHE via BIO pair echo test sslv2/sslv3 w/o DHE via BIO pair
./ssltest -no_dhe || exit 1 ./ssltest -bio_pair -no_dhe || exit 1
echo test sslv2/sslv3 with server authentication echo test sslv2/sslv3 with server authentication
./ssltest -bio_pair -server_auth -CApath ../certs || exit 1 ./ssltest -bio_pair -server_auth -CApath ../certs || exit 1
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册