with a failure.
Fix typos in some error codes.
Changes between 0.9.4 and 0.9.5 [xx XXX 2000]
+ *) Allow for the possibility of temp RSA key generation failure:
+ the code used to assume it always worked and crashed on failure.
+ [Steve Henson]
+
*) Fix potential buffer overrun problem in BIO_printf().
[Ulf Möller, using public domain code by Patrick Powell; problem
pointed out by David Sacerdote <das33@cornell.edu>]
predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much
of this still applies to OpenSSL.
+There is some documentation about certificate extensions and PKCS#12
+in doc/openssl.txt
+
The original SSLeay documentation is included in OpenSSL as
doc/ssleay.txt. It may be useful when none of the other ressources
help, but please note that it reflects the obsolete version SSLeay
R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-R SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060
+R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-R SSL_R_TLSV1_ALERT_USER_CANCLED 1090
+R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
R RSAREF_R_CONTENT_ENCODING 0x0400
rsa=s->cert->rsa_tmp_cb(s,
SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+ if(rsa == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+ goto f_err;
+ }
CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
cert->rsa_tmp=rsa;
}
#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
#define SSL_R_DIGEST_CHECK_FAILED 149
#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092
#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
+{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"},
{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},