projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a657546) | patch
Fix SSL 2.0 rollback checking: The previous implementation of the
authorBodo Möller <bodo@openssl.org>
Sat, 29 Jul 2000 18:50:41 +0000 (18:50 +0000)
committerBodo Möller <bodo@openssl.org>
Sat, 29 Jul 2000 18:50:41 +0000 (18:50 +0000)
commit37569e64e8012014a4b027d896da6c6cdf372507
tree5a9b45aaab90f88ef9770f6d896e81f2fd6e7066tree | snapshot
parenta657546f9c376f4b7ba4dce14649598fb1a38de5commit | diff
Fix SSL 2.0 rollback checking: The previous implementation of the
test was never triggered due to an off-by-one error.

In s23_clnt.c, don't use special rollback-attack detection padding
(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
client; similarly, in s23_srvr.c, don't do the rollback check if
SSL 2.0 is the only protocol enabled in the server.
CHANGES diff | blob | history
crypto/rsa/rsa_ssl.c diff | blob | history
ssl/s23_clnt.c diff | blob | history
ssl/s23_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.