Commit 0a594209 authored by Richard Levitte's avatar Richard Levitte
Browse files

We need to read one more byte of the REQUEST-CERTIFICATE message. 

PR: 300
parent d78254aa

CHANGES

+4 −0
Original line number Diff line number Diff line
@@ -2082,6 +2082,10 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k 


 Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]



  *) Fix client_certificate (ssl/s2_clnt.c): The permissible total

     length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.

     [Zeev Lieber <zeev-l@yahoo.com>]



  *) Change the default configuration reader to deal with last line not

     being properly terminated.

     [Richard Levitte]

ssl/s2_clnt.c

+2 −2
Original line number Diff line number Diff line
@@ -770,8 +770,8 @@ static int client_certificate(SSL *s) 
	if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)

		{

		i=ssl2_read(s,(char *)&(buf[s->init_num]),

			SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num);

		if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num))

			SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);

		if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))

			return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));

		s->init_num += i;

		if (s->msg_callback)