From: Ben Laurie Date: Sat, 13 Feb 1999 12:39:50 +0000 (+0000) Subject: In the absence of feedback either way, commit the fix that looks right for X-Git-Tag: OpenSSL_0_9_2b~161 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=436d318c806003352b916f637ceb68f3bfde72de;p=oweals%2Fopenssl.git In the absence of feedback either way, commit the fix that looks right for wrong keylength with export null ciphers. --- diff --git a/CHANGES b/CHANGES index 697252b160..c6b9e894fe 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,10 @@ Changes between 0.9.1c and 0.9.2 + *) Correct caclulation of key length for export ciphers (too much space was + allocated for null ciphers). This has not been tested! + [Ben Laurie] + *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage message is now correct (it understands "crypto" and "ssl" on its command line). There is also now an "update" option. This will update diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index f498093ba0..c5c9a3be42 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -139,7 +139,7 @@ int which; COMP_METHOD *comp; EVP_MD *m; MD5_CTX md; - int exp,n,i,j,k; + int exp,n,i,j,k,cl; exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0; c=s->s3->tmp.new_sym_enc; @@ -208,8 +208,9 @@ int which; p=s->s3->tmp.key_block; i=EVP_MD_size(m); - /* Should be j=exp?min(5,EVP_CIPHER_key_length(c)):EVP_CIPHER_key_length(c); ?? - Ben 30/12/98 */ - j=(exp)?5:EVP_CIPHER_key_length(c); + cl=EVP_CIPHER_key_length(c); + j=exp ? (cl < 5 ? cl : 5) : cl; + /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ k=EVP_CIPHER_iv_length(c); if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || (which == SSL3_CHANGE_CIPHER_SERVER_READ)) diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 893c0bc73b..ac9da4da3a 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -177,7 +177,7 @@ int which; EVP_CIPHER *c; COMP_METHOD *comp; EVP_MD *m; - int exp,n,i,j,k,exp_label_len; + int exp,n,i,j,k,exp_label_len,cl; exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0; c=s->s3->tmp.new_sym_enc; @@ -244,7 +244,9 @@ int which; p=s->s3->tmp.key_block; i=EVP_MD_size(m); - j=(exp)?5:EVP_CIPHER_key_length(c); + cl=EVP_CIPHER_key_length(c); + j=exp ? (cl < 5 ? cl : 5) : cl; + /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ k=EVP_CIPHER_iv_length(c); er1= &(s->s3->client_random[0]); er2= &(s->s3->server_random[0]);