CHANGES · 37569e64e8012014a4b027d896da6c6cdf372507 · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL · GitLab

Jul 29, 2000

Fix SSL 2.0 rollback checking: The previous implementation of the · 37569e64

Bodo Möller authored Jul 29, 2000

test was never triggered due to an off-by-one error.

In s23_clnt.c, don't use special rollback-attack detection padding
(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
client; similarly, in s23_srvr.c, don't do the rollback check if
SSL 2.0 is the only protocol enabled in the server.

37569e64

Fix SSL 2.0 rollback checking: The previous implementation of the

Bodo Möller authored Jul 29, 2000

test was never triggered due to an off-by-one error.

In s23_clnt.c, don't use special rollback-attack detection padding
(RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
client; similarly, in s23_srvr.c, don't do the rollback check if
SSL 2.0 is the only protocol enabled in the server.

To find the state of this project's repository at the time of any of these versions, check out the tags.