generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

We need to read one more byte of the REQUEST-CERTIFICATE message.

Browse Source 
PR: 300
This commit is contained in:
Richard Levitte
2002-11-15 09:15:55 +00:00
parent d78254aa28
commit 0a5942093e
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -2082,6 +2082,10 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
*) Fix client_certificate (ssl/s2_clnt.c): The permissible total
length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
[Zeev Lieber <zeev-l@yahoo.com>]
*) Change the default configuration reader to deal with last line not *) Change the default configuration reader to deal with last line not
being properly terminated. being properly terminated.
[Richard Levitte] [Richard Levitte]

4
ssl/s2_clnt.c
View File

@@ -770,8 +770,8 @@ static int client_certificate(SSL *s)
if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
{ {
i=ssl2_read(s,(char *)&(buf[s->init_num]), i=ssl2_read(s,(char *)&(buf[s->init_num]),
SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num); SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);
if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num)) if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))
return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
s->init_num += i; s->init_num += i;
if (s->msg_callback) if (s->msg_callback)