*) Change ssl/s2_clnt.c and ssl/s3_srvr.c so that received handshake
messages are stored in a single piece (fixed-length part and
- variable-length part) and fix various bugs found on the way.
+ variable-length part combined) and fix various bugs found on the way.
[Bodo Moeller]
*) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_GET_SERVER_VERIFY_A)
{
- i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
- if (i < (3-s->init_num))
+ i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+ if (i < (1-s->init_num))
return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
s->init_num += i;
SSL_R_READ_WRONG_PACKET_TYPE);
}
else
- SSLerr(SSL_F_GET_SERVER_VERIFY,
- SSL_R_PEER_ERROR);
+ {
+ SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_PEER_ERROR);
+ /* try to read the error message */
+ i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+ return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+ }
return(-1);
}
}
p=buf;
if (s->state == SSL2_ST_GET_SERVER_FINISHED_A)
{
- i=ssl2_read(s,(char *)&(buf[s->init_num]),3-s->init_num);
- if (i < (3-s->init_num))
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num);
+ if (i < (1-s->init_num))
return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
s->init_num += i;
SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
}
else
+ {
SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
+ /* try to read the error message */
+ i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+ return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+ }
return(-1);
}
s->state=SSL2_ST_GET_SERVER_FINISHED_B;
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
{
- i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
- if (i < 3-s->init_num)
+ i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+ if (i < 1-s->init_num)
return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
- s->init_num = 3;
+ s->init_num += i;
if (*p != SSL2_MT_CLIENT_FINISHED)
{
SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
}
else
+ {
SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
+ /* try to read the error message */
+ i=ssl2_read(s,(char *)&(p[s->init_num]),3-s->init_num);
+ return ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i);
+ }
return(-1);
}
s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
projects / oweals / openssl.git / commitdiff