generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix SSL handshake functions and SSL_clear() such that SSL_clear()

Browse Source 
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
This commit is contained in:
Bodo Möller 2001-10-24 19:03:22 +00:00
parent a3faebd104
commit 979689aa5c
8 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@ -12,6 +12,11 @@
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7 *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only +) applies to 0.9.7 only
*) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
[Bodo Moeller; problem pointed out by Niko Baric]
+) Test for certificates which contain unsupported critical extensions. +) Test for certificates which contain unsupported critical extensions.
If such a certificate is found during a verify operation it is If such a certificate is found during a verify operation it is
rejected by default: this behaviour can be overridden by either rejected by default: this behaviour can be overridden by either

2
ssl/s23_clnt.c
View File

@ -113,8 +113,8 @@ int ssl23_connect(SSL *s)
else if (s->ctx->info_callback != NULL) else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback; cb=s->ctx->info_callback;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
for (;;) for (;;)
{ {

2
ssl/s23_srvr.c
View File

@ -165,8 +165,8 @@ int ssl23_accept(SSL *s)
else if (s->ctx->info_callback != NULL) else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback; cb=s->ctx->info_callback;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
for (;;) for (;;)
{ {

2
ssl/s2_clnt.c
View File

@ -118,8 +118,8 @@ int ssl2_connect(SSL *s)
cb=s->ctx->info_callback; cb=s->ctx->info_callback;
/* init things to blank */ /* init things to blank */
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
for (;;) for (;;)
{ {

2
ssl/s2_srvr.c
View File

@ -119,8 +119,8 @@ int ssl2_accept(SSL *s)
cb=s->ctx->info_callback; cb=s->ctx->info_callback;
/* init things to blank */ /* init things to blank */
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
if (s->cert == NULL) if (s->cert == NULL)
{ {

2
ssl/s3_clnt.c
View File

@ -119,8 +119,8 @@ int ssl3_connect(SSL *s)
else if (s->ctx->info_callback != NULL) else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback; cb=s->ctx->info_callback;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
for (;;) for (;;)
{ {

2
ssl/s3_srvr.c
View File

@ -180,8 +180,8 @@ int ssl3_accept(SSL *s)
cb=s->ctx->info_callback; cb=s->ctx->info_callback;
/* init things to blank */ /* init things to blank */
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
s->in_handshake++; s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
if (s->cert == NULL) if (s->cert == NULL)
{ {

2
ssl/ssl_lib.c
View File

@ -193,7 +193,7 @@ int SSL_clear(SSL *s)
#if 1 #if 1
/* Check to see if we were changed into a different method, if /* Check to see if we were changed into a different method, if
* so, revert back if we are not doing session-id reuse. */ * so, revert back if we are not doing session-id reuse. */
if ((s->session == NULL) && (s->method != s->ctx->method)) if (!s->in_handshake && (s->session == NULL) && (s->method != s->ctx->method))
{ {
s->method->ssl_free(s); s->method->ssl_free(s);
s->method=s->ctx->method; s->method=s->ctx->method;