Bugfix: larger message size in ssl3_get_key_exchange() because
ServerKeyExchange message may be skipped. Submitted by: Petr Lampa <lampa@fee.vutbr.cz>
										6
									
								
								CHANGES
										6
									
								
								CHANGES
							@@ -4,6 +4,12 @@
 Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
					 Changes between 0.9.6b and 0.9.6c  [XX xxx XXXX]
					  *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
					     with the same message size as in ssl3_get_certificate_request().
					     Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
					     messages might inadvertently be reject as too long.
					     [Petr Lampa <lampa@fee.vutbr.cz>]
  *) Modified SSL library such that the verify_callback that has been set
					  *) Modified SSL library such that the verify_callback that has been set
     specificly for an SSL object with SSL_set_verify() is actually being
					     specificly for an SSL object with SSL_set_verify() is actually being
     used. Before the change, a verify_callback set with this function was
					     used. Before the change, a verify_callback set with this function was
 
@@ -849,11 +849,17 @@ static int ssl3_get_key_exchange(SSL *s)
	DH *dh=NULL;
						DH *dh=NULL;
#endif
					#endif
						/* use same message size as in ssl3_get_certificate_request()
						 * as ServerKeyExchange message may be skipped */
	n=ssl3_get_message(s,
						n=ssl3_get_message(s,
		SSL3_ST_CR_KEY_EXCH_A,
							SSL3_ST_CR_KEY_EXCH_A,
		SSL3_ST_CR_KEY_EXCH_B,
							SSL3_ST_CR_KEY_EXCH_B,
		-1,
							-1,
		1024*8, /* ?? */
					#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
							1024*30,  /* 30k max cert list :-) */
					#else
							1024*100, /* 100k max cert list :-) */
					#endif
		&ok);
							&ok);
	if (!ok) return((int)n);
						if (!ok) return((int)n);
 
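Review bot: The new size bound passed to ssl3_get_message() is copied verbatim from ssl3_get_certificate_request(), including the `#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)` split and the `/* 100k max cert list :-) */` comments, which in this function now describe a CertificateRequest rather than the ServerKeyExchange the caller is named for. Hoisting the two values into one shared named constant (a placeholder such as `SSL3_MAX_CERT_LIST_LEN_PLACEHOLDER`, defined once next to the existing state macros) and referencing it from both call sites would keep the limits from drifting apart, and the comment here could then say only why the larger bound applies: "the next message may be a CertificateRequest when ServerKeyExchange is omitted". For the risk record, since the message-type argument is `-1` (which appears to mean any handshake type is accepted at this point), the change also raises from 8 KiB to 100 KiB (30 KiB on MS-DOS) the amount of handshake data a peer can make the client buffer before this function inspects the message type; that is inherent to the fix but worth stating in the commit message rather than leaving to the "?? " comment history. ssl3_get_key_exchange() begins and ends outside the hunk.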