Loading ChangeLog.0_9_7-stable_not-in-head +0 −22 Original line number Diff line number Diff line Loading @@ -165,28 +165,6 @@ be added to the end of this file. DES CFB8 test. 2004-03-17 05:01 mark Changed: CHANGES (1.977.2.128), "Exp", lines: +9 -1 FAQ (1.61.2.30), "Exp", lines: +1 -1 LICENSE (1.7.2.3), "Exp", lines: +1 -1 NEWS (1.39.2.21), "Exp", lines: +8 -0 README (1.39.2.24), "Exp", lines: +2 -2 STATUS (1.211.2.41), "Exp", lines: +4 -1 openssl.spec (1.6.2.6), "Exp", lines: +1 -1 crypto/opensslv.h (1.40.2.21), "Exp", lines: +2 -2 ssl/s3_pkt.c (1.46.2.6), "Exp", lines: +8 -0 ssl/s3_srvr.c (1.85.2.20), "Exp", lines: +16 -0 Fix null-pointer assignment in do_change_cipher_spec() revealed by using the Codenomicon TLS Test Tool (CAN-2004-0079) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites (CAN-2004-0112) Ready for 0.9.7d build Submitted by: Steven Henson Reviewed by: Joe Orton Approved by: Mark Cox 2004-05-12 16:11 ben Changed: Loading ssl/s3_pkt.c +8 −0 Original line number Diff line number Diff line Loading @@ -1087,6 +1087,14 @@ start: goto f_err; } /* Check we have a cipher to change to */ if (s->s3->tmp.new_cipher == NULL) { al=SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); goto f_err; } rr->length=0; if (s->msg_callback) Loading ssl/s3_srvr.c +16 −0 Original line number Diff line number Diff line Loading @@ -1883,11 +1883,27 @@ int ssl3_get_client_key_exchange(SSL *s) n2s(p,i); enc_ticket.length = i; if (n < enc_ticket.length + 6) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto err; } enc_ticket.data = (char *)p; p+=enc_ticket.length; n2s(p,i); authenticator.length = i; if (n < enc_ticket.length + authenticator.length + 6) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto err; } authenticator.data = (char *)p; p+=authenticator.length; Loading Loading
ChangeLog.0_9_7-stable_not-in-head +0 −22 Original line number Diff line number Diff line Loading @@ -165,28 +165,6 @@ be added to the end of this file. DES CFB8 test. 2004-03-17 05:01 mark Changed: CHANGES (1.977.2.128), "Exp", lines: +9 -1 FAQ (1.61.2.30), "Exp", lines: +1 -1 LICENSE (1.7.2.3), "Exp", lines: +1 -1 NEWS (1.39.2.21), "Exp", lines: +8 -0 README (1.39.2.24), "Exp", lines: +2 -2 STATUS (1.211.2.41), "Exp", lines: +4 -1 openssl.spec (1.6.2.6), "Exp", lines: +1 -1 crypto/opensslv.h (1.40.2.21), "Exp", lines: +2 -2 ssl/s3_pkt.c (1.46.2.6), "Exp", lines: +8 -0 ssl/s3_srvr.c (1.85.2.20), "Exp", lines: +16 -0 Fix null-pointer assignment in do_change_cipher_spec() revealed by using the Codenomicon TLS Test Tool (CAN-2004-0079) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites (CAN-2004-0112) Ready for 0.9.7d build Submitted by: Steven Henson Reviewed by: Joe Orton Approved by: Mark Cox 2004-05-12 16:11 ben Changed: Loading
ssl/s3_pkt.c +8 −0 Original line number Diff line number Diff line Loading @@ -1087,6 +1087,14 @@ start: goto f_err; } /* Check we have a cipher to change to */ if (s->s3->tmp.new_cipher == NULL) { al=SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); goto f_err; } rr->length=0; if (s->msg_callback) Loading
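Review bot: The added check reports its error under `SSL_F_SSL3_GET_CERT_VERIFY`, but the hunk sits under the `start:` label in ssl/s3_pkt.c, not in a certificate-verify handler, so the error-queue entry will point whoever triages a rejected early ChangeCipherSpec at the wrong function. The enclosing function begins outside the hunk; if it is ssl3_read_bytes (inferred, not visible here), the call should read `SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);`. The comment could also record why the guard exists, e.g. `/* A peer can send ChangeCipherSpec before a cipher has been negotiated; reject it instead of using a NULL new_cipher */`.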
ssl/s3_srvr.c +16 −0 Original line number Diff line number Diff line Loading @@ -1883,11 +1883,27 @@ int ssl3_get_client_key_exchange(SSL *s) n2s(p,i); enc_ticket.length = i; if (n < enc_ticket.length + 6) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto err; } enc_ticket.data = (char *)p; p+=enc_ticket.length; n2s(p,i); authenticator.length = i; if (n < enc_ticket.length + authenticator.length + 6) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); goto err; } authenticator.data = (char *)p; p+=authenticator.length; Loading
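Review bot: The literal `6` in both added bounds checks (`n < enc_ticket.length + 6` and `n < enc_ticket.length + authenticator.length + 6`) is unexplained, although the checks are only correct if it matches the message layout. Only two 2-byte `n2s` length prefixes are visible in the hunk, so the constant presumably also covers a third length field parsed after it; a comment such as `/* 6 = three 2-byte length prefixes in the Kerberos key exchange message */` would let a reader verify that. Both failures use `goto err` without setting an alert, unlike the `f_err` path taken by the ssl/s3_pkt.c change in this commit; whether `err` notifies the peer is not visible here and is worth confirming. The body of ssl3_get_client_key_exchange starts and ends outside the hunk.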