fix support for receiving fragmented handshake messages
authorBodo Möller <bodo@openssl.org>
Wed, 29 Nov 2006 14:45:50 +0000 (14:45 +0000)
committerBodo Möller <bodo@openssl.org>
Wed, 29 Nov 2006 14:45:50 +0000 (14:45 +0000)
CHANGES
ssl/d1_pkt.c
ssl/s23_clnt.c
ssl/s23_srvr.c
ssl/s3_pkt.c
ssl/s3_srvr.c

diff --git a/CHANGES b/CHANGES
index 682a4f0..3607fe9 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,11 +4,6 @@
 
  Changes between 0.9.8e and 0.9.9  [xx XXX xxxx]
 
-  *) Load error codes if they are not already present instead of using a
-     static variable. This allows them to be cleanly unloaded and reloaded.
-     Improve header file function name parsing.
-     [Steve Henson]
-
   *) Initial incomplete changes to avoid need for function casts in OpenSSL
      when OPENSSL_NO_FCAST is set: some compilers (gcc 4.2 and later) reject
      their use. Safestack is reimplemented using inline functions: tests show
 
  Changes between 0.9.8d and 0.9.8e  [XX xxx XXXX]
 
+  *) Have SSL/TLS server implementation tolerate "mismatched" record
+     protocol version while receiving ClientHello even if the
+     ClientHello is fragmented.  (The server can't insist on the
+     particular protocol version it has chosen before the ServerHello
+     message has informed the client about his choice.)
+     [Bodo Moeller]
+
   *) Add RFC 3779 support.
      [Rob Austein for ARIN, Ben Laurie]
 
+  *) Load error codes if they are not already present instead of using a
+     static variable. This allows them to be cleanly unloaded and reloaded.
+     Improve header file function name parsing.
+     [Steve Henson]
+
  Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]
 
   *) Introduce limits to prevent malicious keys being able to
      differing sizes.
      [Richard Levitte]
 
+ Changes between 0.9.7l and 0.9.7m  [xx XXX xxxx]
+
+  *) Have SSL/TLS server implementation tolerate "mismatched" record
+     protocol version while receiving ClientHello even if the
+     ClientHello is fragmented.  (The server can't insist on the
+     particular protocol version it has chosen before the ServerHello
+     message has informed the client about his choice.)
+     [Bodo Moeller]
+
+  *) Load error codes if they are not already present instead of using a
+     static variable. This allows them to be cleanly unloaded and reloaded.
+     [Steve Henson]
+
  Changes between 0.9.7k and 0.9.7l  [28 Sep 2006]
 
   *) Introduce limits to prevent malicious keys being able to
index 0b09932..8a047ae 100644 (file)
@@ -573,11 +573,7 @@ again:
                n2s(p,rr->length);
 
                /* Lets check version */
-               if (s->first_packet)
-                       {
-                       s->first_packet=0;
-                       }
-               else
+               if (!s->first_packet)
                        {
                        if (version != s->version)
                                {
index 610169b..1181d05 100644 (file)
@@ -638,7 +638,6 @@ static int ssl23_get_server_hello(SSL *s)
        if (!ssl_get_new_session(s,0))
                goto err;
 
-       s->first_packet=1;
        return(SSL_connect(s));
 err:
        return(-1);
index 4da169e..ddf5d4c 100644 (file)
@@ -576,7 +576,6 @@ int ssl23_get_client_hello(SSL *s)
        s->init_num=0;
 
        if (buf != buf_space) OPENSSL_free(buf);
-       s->first_packet=1;
        return(SSL_accept(s));
 err:
        if (buf != buf_space) OPENSSL_free(buf);
index 1d34cec..6754e99 100644 (file)
@@ -307,11 +307,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
 #endif
 
                /* Lets check version */
-               if (s->first_packet)
-                       {
-                       s->first_packet=0;
-                       }
-               else
+               if (!s->first_packet)
                        {
                        if (version != s->version)
                                {
index a83f8ac..f776dc0 100644 (file)
@@ -715,9 +715,9 @@ int ssl3_get_client_hello(SSL *s)
         */
        if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
                {
-               s->first_packet=1;
                s->state=SSL3_ST_SR_CLNT_HELLO_B;
                }
+       s->first_packet=1;
        n=s->method->ssl_get_message(s,
                SSL3_ST_SR_CLNT_HELLO_B,
                SSL3_ST_SR_CLNT_HELLO_C,
@@ -726,6 +726,7 @@ int ssl3_get_client_hello(SSL *s)
                &ok);
 
        if (!ok) return((int)n);
+       s->first_packet=0;
        d=p=(unsigned char *)s->init_msg;
 
        /* use version from inside client hello, not from record header