projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 29f4b05)
Fixes from HEAD.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 21 Sep 2007 13:40:51 +0000 (13:40 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 21 Sep 2007 13:40:51 +0000 (13:40 +0000)
ssl/s23_clnt.c patch | blob | history
ssl/s3_lib.c patch | blob | history
ssl/t1_lib.c patch | blob | history

diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 146e1e17c18c546ea2a6d80fdc86371863f8ffe3..a596e7b2ec9843ed18eb8fc9a507d2e7452f0611 100644 (file)
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -223,6 +223,15 @@ static int ssl23_client_hello(SSL *s)
                {
                version = SSL2_VERSION;
                }
+#ifndef OPENSSL_NO_TLSEXT 
+       if (version != SSL2_VERSION)
+               {
+               /* have to disable SSL 2.0 compatibility if we need TLS extensions */
+
+               if (s->tlsext_hostname != NULL)
+                       ssl2_compat = 0;
+               }
+#endif
 
        buf=(unsigned char *)s->init_buf->data;
        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 4f22925df13f17f7fa7b918298a75ee247ffeb2c..2bacb2601eb35edd91e7efaf0d159ac39d61526d 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -1935,6 +1935,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                break;
        case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
                s->tlsext_debug_arg=parg;
+               ret = 1;
                break;
 #endif /* !OPENSSL_NO_TLSEXT */
        default:
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1c4e151fe184ebc9d5594c1e8915b8b83e719662..21ddcc61163047a3015aead6f5bd38bbcaec2269 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -150,7 +150,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
                   + hostname length 
                */
                   
-               if ((lenmax = limit - p - 9) < 0 
+               if ((lenmax = limit - ret - 9) < 0 
                || (size_str = strlen(s->tlsext_hostname)) > (unsigned long)lenmax) 
                        return NULL;
                        
@@ -179,7 +179,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
                /* Check for enough room 2 for extension type, 2 for len
                 * rest for ticket
                 */
-               if (limit - p - 4 - ticklen < 0)
+               if (limit - ret - 4 - ticklen < 0)
                        return NULL;
                s2n(TLSEXT_TYPE_session_ticket,ret); 
                s2n(ticklen,ret);
Unnamed repository; edit this file 'description' to name the repository.