generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add fixes for CAN-2005-2969.

Browse Source 
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
This commit is contained in:
Bodo Möller
2005-10-26 19:40:45 +00:00
parent ee8836c442
commit 72dce7685e
6 changed files with 13 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ssl/s23_srvr.c
View File

@@ -250,9 +250,6 @@ int ssl23_get_client_hello(SSL *s)
int n=0,j;
int type=0;
int v[2];
#ifndef OPENSSL_NO_RSA
int use_sslv2_strong=0;
#endif
if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
{
@@ -501,9 +498,7 @@ int ssl23_get_client_hello(SSL *s)
}
s->state=SSL2_ST_GET_CLIENT_HELLO_A;
if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
use_sslv2_strong ||
(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
s->s2->ssl2_rollback=0;
else
/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0