generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:

Browse Source 
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
This commit is contained in:
Andy Polyakov
2007-09-30 18:55:59 +00:00
parent aab1ec3f36
commit c4b0d7879e
5 changed files with 43 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ssl/s3_srvr.c
View File

@@ -714,7 +714,8 @@ int ssl3_get_client_hello(SSL *s)
s->client_version=(((int)p[0])<<8)|(int)p[1];
p+=2;
if (s->client_version < s->version)
if ((s->version == DTLS1_VERSION && s->client_version > s->version) ||
(s->version != DTLS1_VERSION && s->client_version < s->version))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
@@ -765,7 +766,7 @@ int ssl3_get_client_hello(SSL *s)
p+=j;
if (SSL_version(s) == DTLS1_VERSION)
if (s->version == DTLS1_VERSION)
{
/* cookie stuff */
cookie_len = *(p++);
@@ -1748,8 +1749,9 @@ int ssl3_get_client_key_exchange(SSL *s)
rsa=pkey->pkey.rsa;
}
/* TLS */
if (s->version > SSL3_VERSION)
/* TLS and [incidentally] DTLS, including pre-0.9.8f */
if (s->version > SSL3_VERSION &&
s->client_version != DTLS1_BAD_VER)
{
n2s(p,i);
if (n != i+2)