generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

We need to read one more byte of the REQUEST-CERTIFICATE message.

Browse Source 
PR: 300
This commit is contained in:
Richard Levitte 2002-11-15 09:16:56 +00:00
parent fa015977de
commit 3aefe06f0f
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -4,6 +4,10 @@
Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
*) Fix client_certificate (ssl/s2_clnt.c): The permissible total
length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
[Zeev Lieber <zeev-l@yahoo.com>]
*) Change the default configuration reader to deal with last line not *) Change the default configuration reader to deal with last line not
being properly terminated. being properly terminated.
[Richard Levitte] [Richard Levitte]

4
ssl/s2_clnt.c
View File

@ -752,8 +752,8 @@ static int client_certificate(SSL *s)
if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
{ {
i=ssl2_read(s,(char *)&(buf[s->init_num]), i=ssl2_read(s,(char *)&(buf[s->init_num]),
SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num); SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);
if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num)) if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))
return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i)); return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
s->init_num += i; s->init_num += i;