projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Allow the use of the TCP/IP stack keyword TCPIP and NONE
[openssl.git] / ssl / s2_srvr.c
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index ea07852d1aa50e81c64e8e6e845654aa701f58bb..56da65195e7e72b84c10a9d47141c55dbeede9ff 100644 (file)
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -159,7 +159,7 @@ int ssl2_accept(SSL *s)
        BUF_MEM *buf=NULL;
        int ret= -1;
        long num1;
-       void (*cb)()=NULL;
+       void (*cb)(const SSL *ssl,int type,int val)=NULL;
        int new_state,state;
 
        RAND_add(&l,sizeof(l),0);
@@ -472,8 +472,8 @@ static int get_client_master_key(SSL *s)
         * random master secret (Bleichenbacher attack) */
        if ((i < 0) ||
                ((!is_export && (i != EVP_CIPHER_key_length(c)))
-               || (is_export && ((i != ek) || (s->s2->tmp.clear+i !=
-                       EVP_CIPHER_key_length(c))))))
+               || (is_export && ((i != ek) || (s->s2->tmp.clear+(unsigned int)i !=
+                       (unsigned int)EVP_CIPHER_key_length(c))))))
                {
                ERR_clear_error();
                if (is_export)
@@ -801,10 +801,10 @@ static int get_client_finished(SSL *s)
        p=(unsigned char *)s->init_buf->data;
        if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
                {
-               i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
-               if (i < 3-s->init_num)
+               i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+               if (i < 1-s->init_num)
                        return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
-               s->init_num = 3;
+               s->init_num += i;
 
                if (*p != SSL2_MT_CLIENT_FINISHED)
                        {
@@ -814,7 +814,12 @@ static int get_client_finished(SSL *s)
                                SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
                                }
                        else
+                               {
                                SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
+                               /* try to read the error message */
+                               i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+                               return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+                               }
                        return(-1);
                        }
                s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
Unnamed repository; edit this file 'description' to name the repository.