Commit 1e24b3a0 authored by Bodo Möller's avatar Bodo Möller
Browse files

fix support for receiving fragmented handshake messages

parent 73b979e6

CHANGES

+25 −5
Original line number Diff line number Diff line
@@ -4,11 +4,6 @@ 


 Changes between 0.9.8e and 0.9.9  [xx XXX xxxx]



  *) Load error codes if they are not already present instead of using a

     static variable. This allows them to be cleanly unloaded and reloaded.

     Improve header file function name parsing.

     [Steve Henson]



  *) Initial incomplete changes to avoid need for function casts in OpenSSL

     when OPENSSL_NO_FCAST is set: some compilers (gcc 4.2 and later) reject

     their use. Safestack is reimplemented using inline functions: tests show
@@ -423,9 +418,21 @@ 


 Changes between 0.9.8d and 0.9.8e  [XX xxx XXXX]



  *) Have SSL/TLS server implementation tolerate "mismatched" record

     protocol version while receiving ClientHello even if the

     ClientHello is fragmented.  (The server can't insist on the

     particular protocol version it has chosen before the ServerHello

     message has informed the client about his choice.)

     [Bodo Moeller]



  *) Add RFC 3779 support.

     [Rob Austein for ARIN, Ben Laurie]



  *) Load error codes if they are not already present instead of using a

     static variable. This allows them to be cleanly unloaded and reloaded.

     Improve header file function name parsing.

     [Steve Henson]



 Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]



  *) Introduce limits to prevent malicious keys being able to
@@ -1430,6 +1437,19 @@ 
     differing sizes.

     [Richard Levitte]



 Changes between 0.9.7l and 0.9.7m  [xx XXX xxxx]



  *) Have SSL/TLS server implementation tolerate "mismatched" record

     protocol version while receiving ClientHello even if the

     ClientHello is fragmented.  (The server can't insist on the

     particular protocol version it has chosen before the ServerHello

     message has informed the client about his choice.)

     [Bodo Moeller]



  *) Load error codes if they are not already present instead of using a

     static variable. This allows them to be cleanly unloaded and reloaded.

     [Steve Henson]



 Changes between 0.9.7k and 0.9.7l  [28 Sep 2006]



  *) Introduce limits to prevent malicious keys being able to

ssl/d1_pkt.c

+1 −5
Original line number Diff line number Diff line
@@ -573,11 +573,7 @@ again: 
		n2s(p,rr->length);



		/* Lets check version */

		if (s->first_packet)

			{

			s->first_packet=0;

			}

		else

		if (!s->first_packet)

			{

			if (version != s->version)

				{

ssl/s23_clnt.c

+0 −1
Original line number Diff line number Diff line
@@ -638,7 +638,6 @@ static int ssl23_get_server_hello(SSL *s) 
	if (!ssl_get_new_session(s,0))

		goto err;



	s->first_packet=1;

	return(SSL_connect(s));

err:

	return(-1);

ssl/s23_srvr.c

+0 −1
Original line number Diff line number Diff line
@@ -576,7 +576,6 @@ int ssl23_get_client_hello(SSL *s) 
	s->init_num=0;



	if (buf != buf_space) OPENSSL_free(buf);

	s->first_packet=1;

	return(SSL_accept(s));

err:

	if (buf != buf_space) OPENSSL_free(buf);

ssl/s3_pkt.c

+1 −5
Original line number Diff line number Diff line
@@ -307,11 +307,7 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length); 
#endif



		/* Lets check version */

		if (s->first_packet)

			{

			s->first_packet=0;

			}

		else

		if (!s->first_packet)

			{

			if (version != s->version)

				{