From: Bodo Möller Date: Wed, 29 Nov 2006 14:45:50 +0000 (+0000) Subject: fix support for receiving fragmented handshake messages X-Git-Tag: OpenSSL_0_9_8k^2~1057 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1e24b3a09e31b10649e5024b502ac3d7276923fe;p=oweals%2Fopenssl.git fix support for receiving fragmented handshake messages --- diff --git a/CHANGES b/CHANGES index 682a4f0994..3607fe9f39 100644 --- a/CHANGES +++ b/CHANGES @@ -4,11 +4,6 @@ Changes between 0.9.8e and 0.9.9 [xx XXX xxxx] - *) Load error codes if they are not already present instead of using a - static variable. This allows them to be cleanly unloaded and reloaded. - Improve header file function name parsing. - [Steve Henson] - *) Initial incomplete changes to avoid need for function casts in OpenSSL when OPENSSL_NO_FCAST is set: some compilers (gcc 4.2 and later) reject their use. Safestack is reimplemented using inline functions: tests show @@ -423,9 +418,21 @@ Changes between 0.9.8d and 0.9.8e [XX xxx XXXX] + *) Have SSL/TLS server implementation tolerate "mismatched" record + protocol version while receiving ClientHello even if the + ClientHello is fragmented. (The server can't insist on the + particular protocol version it has chosen before the ServerHello + message has informed the client about his choice.) + [Bodo Moeller] + *) Add RFC 3779 support. [Rob Austein for ARIN, Ben Laurie] + *) Load error codes if they are not already present instead of using a + static variable. This allows them to be cleanly unloaded and reloaded. + Improve header file function name parsing. + [Steve Henson] + Changes between 0.9.8c and 0.9.8d [28 Sep 2006] *) Introduce limits to prevent malicious keys being able to @@ -1430,6 +1437,19 @@ differing sizes. [Richard Levitte] + Changes between 0.9.7l and 0.9.7m [xx XXX xxxx] + + *) Have SSL/TLS server implementation tolerate "mismatched" record + protocol version while receiving ClientHello even if the + ClientHello is fragmented. (The server can't insist on the + particular protocol version it has chosen before the ServerHello + message has informed the client about his choice.) + [Bodo Moeller] + + *) Load error codes if they are not already present instead of using a + static variable. This allows them to be cleanly unloaded and reloaded. + [Steve Henson] + Changes between 0.9.7k and 0.9.7l [28 Sep 2006] *) Introduce limits to prevent malicious keys being able to diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 0b099325e1..8a047aeda7 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -573,11 +573,7 @@ again: n2s(p,rr->length); /* Lets check version */ - if (s->first_packet) - { - s->first_packet=0; - } - else + if (!s->first_packet) { if (version != s->version) { diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 610169b3eb..1181d055bb 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -638,7 +638,6 @@ static int ssl23_get_server_hello(SSL *s) if (!ssl_get_new_session(s,0)) goto err; - s->first_packet=1; return(SSL_connect(s)); err: return(-1); diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 4da169eb31..ddf5d4c3f5 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -576,7 +576,6 @@ int ssl23_get_client_hello(SSL *s) s->init_num=0; if (buf != buf_space) OPENSSL_free(buf); - s->first_packet=1; return(SSL_accept(s)); err: if (buf != buf_space) OPENSSL_free(buf); diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 1d34cec324..6754e993c5 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -307,11 +307,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length); #endif /* Lets check version */ - if (s->first_packet) - { - s->first_packet=0; - } - else + if (!s->first_packet) { if (version != s->version) { diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index a83f8ac763..f776dc0625 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -715,9 +715,9 @@ int ssl3_get_client_hello(SSL *s) */ if (s->state == SSL3_ST_SR_CLNT_HELLO_A) { - s->first_packet=1; s->state=SSL3_ST_SR_CLNT_HELLO_B; } + s->first_packet=1; n=s->method->ssl_get_message(s, SSL3_ST_SR_CLNT_HELLO_B, SSL3_ST_SR_CLNT_HELLO_C, @@ -726,6 +726,7 @@ int ssl3_get_client_hello(SSL *s) &ok); if (!ok) return((int)n); + s->first_packet=0; d=p=(unsigned char *)s->init_msg; /* use version from inside client hello, not from record header