Disable SSL_peek until it is fixed.

[openssl.git] / ssl / s3_srvr.c

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 64c1d80b8a0d0168a3521844db1b563a920b8789..531a49f0212ef86aa30220ae58fc758d84fe0ee8 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -153,7 +153,10 @@ int ssl3_accept(SSL *s)
                        if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
                        if ((s->version>>8) != 3)
-                               abort();
+                               {
+                               SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_INTERNAL_ERROR);
+                               return -1;
+                               }
                        s->type=SSL_ST_ACCEPT;
 
                        if (s->init_buf == NULL)
@@ -1259,7 +1262,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
                SSL3_ST_SR_KEY_EXCH_A,
                SSL3_ST_SR_KEY_EXCH_B,
                SSL3_MT_CLIENT_KEY_EXCHANGE,
-               400, /* ???? */
+               2048, /* ??? */
                &ok);
 
        if (!ok) return((int)n);
@@ -1332,7 +1335,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
                         * ClientHello to detect version rollback attacks (strangely, the
                         * protocol does not offer such protection for DH ciphersuites).
                         * However, buggy clients exist that send the negotiated protocol
-                        * version instead if the servers does not support the requested
+                        * version instead if the server does not support the requested
                         * protocol version.
                         * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
                        if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&