projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tolerate extra data at end of client hello for SSL 3.0
[openssl.git]
/
ssl
/
s3_srvr.c
diff --git
a/ssl/s3_srvr.c
b/ssl/s3_srvr.c
index e9410684164ea346fc4568e1915489a144407d2d..c2ac8cb2fc257450385196acb9c016c462d0b615 100644
(file)
--- a/
ssl/s3_srvr.c
+++ b/
ssl/s3_srvr.c
@@
-883,6
+883,9
@@
static int ssl3_get_client_hello(SSL *s)
}
/* TLS does not mind if there is extra stuff */
}
/* TLS does not mind if there is extra stuff */
+#if 0 /* SSL 3.0 does not mind either, so we should disable this test
+ * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
+ * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
if (s->version == SSL3_VERSION)
{
if (p < (d+n))
if (s->version == SSL3_VERSION)
{
if (p < (d+n))
@@
-894,6
+897,7
@@
static int ssl3_get_client_hello(SSL *s)
goto f_err;
}
}
goto f_err;
}
}
+#endif
/* Given s->session->ciphers and SSL_get_ciphers, we must
* pick a cipher */
/* Given s->session->ciphers and SSL_get_ciphers, we must
* pick a cipher */