X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_srvr.c;h=531a49f0212ef86aa30220ae58fc758d84fe0ee8;hp=64c1d80b8a0d0168a3521844db1b563a920b8789;hb=87739b2c53238f7185ab476b020183da35feb899;hpb=2c05c494c03a66c3e8e953f548d00f23b96e8b2d

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 64c1d80b8a..531a49f021 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -153,7 +153,10 @@ int ssl3_accept(SSL *s)
 			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
 
 			if ((s->version>>8) != 3)
-				abort();
+				{
+				SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_INTERNAL_ERROR);
+				return -1;
+				}
 			s->type=SSL_ST_ACCEPT;
 
 			if (s->init_buf == NULL)
@@ -1259,7 +1262,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 		SSL3_ST_SR_KEY_EXCH_A,
 		SSL3_ST_SR_KEY_EXCH_B,
 		SSL3_MT_CLIENT_KEY_EXCHANGE,
-		400, /* ???? */
+		2048, /* ??? */
 		&ok);
 
 	if (!ok) return((int)n);
@@ -1332,7 +1335,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 			 * ClientHello to detect version rollback attacks (strangely, the
 			 * protocol does not offer such protection for DH ciphersuites).
 			 * However, buggy clients exist that send the negotiated protocol
-			 * version instead if the servers does not support the requested
+			 * version instead if the server does not support the requested
 			 * protocol version.
 			 * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */
 			if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&