generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix sign problems

Browse Source
This commit is contained in:
Bodo Möller 2006-03-13 09:55:06 +00:00
parent 7c382796be
commit 019fdc7850
3 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ssl/ssl.h
View File

@ -510,8 +510,8 @@ typedef struct ssl_session_st
#ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_TLSEXT
char *tlsext_hostname; char *tlsext_hostname;
#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_EC
int tlsext_ecpointformatlist_length; size_t tlsext_ecpointformatlist_length;
char * tlsext_ecpointformatlist; unsigned char *tlsext_ecpointformatlist; /* peer's list */
#endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_EC */
#endif #endif
} SSL_SESSION; } SSL_SESSION;
@ -1064,8 +1064,8 @@ struct ssl_st
2 : don't call servername callback, no ack in server hello 2 : don't call servername callback, no ack in server hello
*/ */
#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_EC
int tlsext_ecpointformatlist_length; size_t tlsext_ecpointformatlist_length;
char * tlsext_ecpointformatlist; unsigned char *tlsext_ecpointformatlist; /* our list */
#endif /* OPENSSL_NO_EC */ #endif /* OPENSSL_NO_EC */
SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
#define session_ctx initial_ctx #define session_ctx initial_ctx
@ -1764,8 +1764,10 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 #define SSL_F_SSL3_SETUP_KEY_BLOCK 157
#define SSL_F_SSL3_WRITE_BYTES 158 #define SSL_F_SSL3_WRITE_BYTES 158
#define SSL_F_SSL3_WRITE_PENDING 159 #define SSL_F_SSL3_WRITE_PENDING 159
#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 #define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 #define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
#define SSL_F_SSL_BAD_METHOD 160 #define SSL_F_SSL_BAD_METHOD 160
#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 #define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
#define SSL_F_SSL_CERT_DUP 221 #define SSL_F_SSL_CERT_DUP 221

2
ssl/ssl_err.c
View File

@ -166,8 +166,10 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"}, {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"},
{ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"}, {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"},
{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"}, {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"},
{ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "SSL_ADD_CLIENTHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"}, {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"},
{ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"}, {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"},
{ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "SSL_ADD_SERVERHELLO_TLSEXT"},
{ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"}, {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"},
{ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"}, {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"},
{ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"}, {ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"},

10
ssl/t1_lib.c
View File

@ -189,6 +189,11 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
if ((lenmax = limit - p - 5) < 0) return NULL; if ((lenmax = limit - p - 5) < 0) return NULL;
if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL; if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL;
if (s->tlsext_ecpointformatlist_length > 255)
{
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
}
s2n(TLSEXT_TYPE_ec_point_formats,ret); s2n(TLSEXT_TYPE_ec_point_formats,ret);
s2n(s->tlsext_ecpointformatlist_length + 1,ret); s2n(s->tlsext_ecpointformatlist_length + 1,ret);
@ -228,6 +233,11 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
if ((lenmax = limit - p - 5) < 0) return NULL; if ((lenmax = limit - p - 5) < 0) return NULL;
if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL; if (s->tlsext_ecpointformatlist_length > (unsigned long)lenmax) return NULL;
if (s->tlsext_ecpointformatlist_length > 255)
{
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
return NULL;
}
s2n(TLSEXT_TYPE_ec_point_formats,ret); s2n(TLSEXT_TYPE_ec_point_formats,ret);
s2n(s->tlsext_ecpointformatlist_length + 1,ret); s2n(s->tlsext_ecpointformatlist_length + 1,ret);