X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fs2_pkt.c;h=e6d5d09643ba2c0f0f1f336c3341a50191825353;hb=8e3b2dbb31819b880886bfd275510c650ff264ea;hp=1bb0ef1e8f6acb8bfeae3b113df5f99d4d7fec31;hpb=ee60d9fb282030be3f25e951b86d74d8f2dd1bdd;p=oweals%2Fopenssl.git

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 1bb0ef1e8f..e6d5d09643 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -246,7 +246,8 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 			}
 		else
 			{
-			mac_size=EVP_MD_size(s->read_hash);
+			mac_size=EVP_MD_CTX_size(s->read_hash);
+			OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
 			s->s2->mac_data=p;
 			s->s2->ract_data= &p[mac_size];
 			if (s->s2->padding + mac_size > s->s2->rlength)
@@ -528,7 +529,7 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
 	if (s->s2->clear_text)
 		mac_size=0;
 	else
-		mac_size=EVP_MD_size(s->write_hash);
+		mac_size=EVP_MD_CTX_size(s->write_hash);
 
 	/* lets set the pad p */
 	if (s->s2->clear_text)
@@ -651,27 +652,36 @@ int ssl2_part_read(SSL *s, unsigned long f, int i)
 	unsigned char *p;
 	int j;
 
-	/* check for error */
-	if ((s->init_num == 0) && (i >= 3))
-		{
-		p=(unsigned char *)s->init_buf->data;
-		if (p[0] == SSL2_MT_ERROR)
-			{
-			j=(p[1]<<8)|p[2];
-			SSLerr((int)f,ssl_mt_error(j));
-			}
-		}
-
 	if (i < 0)
 		{
 		/* ssl2_return_error(s); */
 		/* for non-blocking io,
-		 * this is not fatal */
+		 * this is not necessarily fatal */
 		return(i);
 		}
 	else
 		{
 		s->init_num+=i;
+
+		/* Check for error.  While there are recoverable errors,
+		 * this function is not called when those must be expected;
+		 * any error detected here is fatal. */
+		if (s->init_num >= 3)
+			{
+			p=(unsigned char *)s->init_buf->data;
+			if (p[0] == SSL2_MT_ERROR)
+				{
+				j=(p[1]<<8)|p[2];
+				SSLerr((int)f,ssl_mt_error(j));
+				s->init_num -= 3;
+				if (s->init_num > 0)
+					memmove(p, p+3, s->init_num);
+				}
+			}
+
+		/* If it's not an error message, we have some error anyway --
+		 * the message was shorter than expected.  This too is treated
+		 * as fatal (at least if SSL_get_error is asked for its opinion). */
 		return(0);
 		}
 	}
@@ -682,7 +692,11 @@ int ssl2_do_write(SSL *s)
 
 	ret=ssl2_write(s,&s->init_buf->data[s->init_off],s->init_num);
 	if (ret == s->init_num)
+		{
+		if (s->msg_callback)
+			s->msg_callback(1, s->version, 0, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);
 		return(1);
+		}
 	if (ret < 0)
 		return(-1);
 	s->init_off+=ret;