Fix the cipher decision scheme for export ciphers: the export bits are *not*
within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within SSL_EXP_MASK. So, the original variable has to be used instead of the already masked variable. Submitted by: Richard Levitte <levitte@stacken.kth.se> Reviewed by: Ralf S. Engelschall
This commit is contained in:
parent
def9f43151
commit
90a52cecaf
6
CHANGES
6
CHANGES
@ -5,6 +5,12 @@
|
|||||||
|
|
||||||
Changes between 0.9.1c and 0.9.2
|
Changes between 0.9.1c and 0.9.2
|
||||||
|
|
||||||
|
*) Fix the cipher decision scheme for export ciphers: the export bits are
|
||||||
|
*not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
|
||||||
|
SSL_EXP_MASK. So, the original variable has to be used instead of the
|
||||||
|
already masked variable.
|
||||||
|
[Richard Levitte <levitte@stacken.kth.se>]
|
||||||
|
|
||||||
*) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
|
*) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
|
||||||
[Richard Levitte <levitte@stacken.kth.se>]
|
[Richard Levitte <levitte@stacken.kth.se>]
|
||||||
|
|
||||||
|
@ -771,11 +771,11 @@ STACK *have,*pref;
|
|||||||
emask=cert->export_mask;
|
emask=cert->export_mask;
|
||||||
|
|
||||||
alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
|
alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
|
||||||
if (SSL_IS_EXPORT(alg))
|
if (SSL_IS_EXPORT(c->algorithms))
|
||||||
{
|
{
|
||||||
ok=((alg & emask) == alg)?1:0;
|
ok=((alg & emask) == alg)?1:0;
|
||||||
#ifdef CIPHER_DEBUG
|
#ifdef CIPHER_DEBUG
|
||||||
printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name);
|
printf("%d:[%08lX:%08lX]%s (export)\n",ok,alg,mask,c->name);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
Loading…
x
Reference in New Issue
Block a user