generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.)

Browse Source
This commit is contained in:
Lutz Jänicke 2001-08-25 11:48:35 +00:00
parent 029fb8aa26
commit a04baf9b5c
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -4,6 +4,12 @@
Changes between 0.9.6b and 0.9.6c [XX xxx XXXX] Changes between 0.9.6b and 0.9.6c [XX xxx XXXX]
*) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
This function was broken, as the check for a new client hello message
to handle SGC did not allow these large messages.
(Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
[Lutz Jaenicke]
*) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long](). *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
[Lutz Jaenicke] [Lutz Jaenicke]

6
ssl/s3_srvr.c
View File

@ -537,7 +537,11 @@ static int ssl3_check_client_hello(SSL *s)
SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_A,
SSL3_ST_SR_CERT_B, SSL3_ST_SR_CERT_B,
-1, -1,
SSL3_RT_MAX_PLAIN_LENGTH, #if defined(MSDOS) && !defined(WIN32)
1024*30, /* 30k max cert list :-) */
#else
1024*100, /* 100k max cert list :-) */
#endif
&ok); &ok);
if (!ok) return((int)n); if (!ok) return((int)n);
s->s3->tmp.reuse_message = 1; s->s3->tmp.reuse_message = 1;