unsigned char ext_buf[4 + 65536];
/* Reconstruct the type/len fields prior to extension data */
- ext_buf[0] = ext_type >> 8;
- ext_buf[1] = ext_type & 0xFF;
- ext_buf[2] = inlen >> 8;
- ext_buf[3] = inlen & 0xFF;
+ inlen &= 0xffff; /* for formal memcpy correctness */
+ ext_buf[0] = (unsigned char)(ext_type >> 8);
+ ext_buf[1] = (unsigned char)(ext_type);
+ ext_buf[2] = (unsigned char)(inlen >> 8);
+ ext_buf[3] = (unsigned char)(inlen);
memcpy(ext_buf + 4, in, inlen);
BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d",
char *inrand = NULL;
int mbuf_len = 0;
struct timeval timeout, *timeoutp;
-#ifndef OPENSSL_NO_ENGINE
char *engine_id = NULL;
+ ENGINE *e = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *ssl_client_engine_id = NULL;
ENGINE *ssl_client_engine = NULL;
#endif
- ENGINE *e = NULL;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
struct timeval tv;
# if defined(OPENSSL_SYS_BEOS_R5)
next_proto.data = NULL;
#endif
-#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
+#ifndef OPENSSL_NO_ENGINE
if (ssl_client_engine_id) {
ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
if (!ssl_client_engine) {
if (strstr(mbuf, "/stream:features>"))
goto shut;
seen = BIO_read(sbio, mbuf, BUFSIZZ);
+ if (seen <= 0)
+ goto shut;
mbuf[seen] = 0;
}
BIO_printf(sbio,
OPENSSL_cleanse(mbuf, BUFSIZZ);
OPENSSL_free(mbuf);
}
+ release_engine(e);
if (bio_c_out != NULL) {
BIO_free(bio_c_out);
bio_c_out = NULL;
BIO_free(bio_c_msg);
bio_c_msg = NULL;
}
+ SSL_COMP_free_compression_methods();
apps_shutdown();
OPENSSL_EXIT(ret);
}
BIO_printf(bio, "---\nCertificate chain\n");
for (i = 0; i < sk_X509_num(sk); i++) {
X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk, i)),
- buf, sizeof buf);
+ buf, sizeof(buf));
BIO_printf(bio, "%2d s:%s\n", i, buf);
X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk, i)),
- buf, sizeof buf);
+ buf, sizeof(buf));
BIO_printf(bio, " i:%s\n", buf);
if (c_showcerts)
PEM_write_bio_X509(bio, sk_X509_value(sk, i));
/* Redundant if we showed the whole chain */
if (!(c_showcerts && got_a_chain))
PEM_write_bio_X509(bio, peer);
- X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
BIO_printf(bio, "subject=%s\n", buf);
- X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
BIO_printf(bio, "issuer=%s\n", buf);
} else
BIO_printf(bio, "no peer certificate available\n");
} else {
BIO_printf(bio, "---\nNo client certificate CA names sent\n");
}
- p = SSL_get_shared_ciphers(s, buf, sizeof buf);
+ p = SSL_get_shared_ciphers(s, buf, sizeof(buf));
if (p != NULL) {
/*
* This works only for SSL 2. In later protocol versions, the
projects / openssl.git / blobdiff