Fix SSL 2.0 rollback checking: The previous implementation of the

test was never triggered due to an off-by-one error. In s23_clnt.c, don't use special rollback-attack detection padding (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the client; similarly, in s23_srvr.c, don't do the rollback check if SSL 2.0 is the only protocol enabled in the server.
author: Bodo Möller <bodo@openssl.org> 2000-07-29 18:50:41 +0000
committer: Bodo Möller <bodo@openssl.org> 2000-07-29 18:50:41 +0000
commit: 37569e64e8012014a4b027d896da6c6cdf372507 (patch)
tree: 5a9b45aaab90f88ef9770f6d896e81f2fd6e7066 /CHANGES
parent: a657546f9c376f4b7ba4dce14649598fb1a38de5 (diff)
download: openssl-37569e64e8012014a4b027d896da6c6cdf372507.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index e25b9eaed4..159c1e27e7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,15 @@
 
  Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
 
+  *) Fix SSL 2.0 rollback checking: The previous implementation of the
+     test was never triggered due to an off-by-one error in
+     RSA_padding_check_SSLv23().
+     In s23_clnt.c, don't use special rollback-attack detection padding
+     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
+     client; similarly, in s23_srvr.c, don't do the rollback check if
+     SSL 2.0 is the only protocol enabled in the server.
+     [Bodo Moeller]
+
   *) Make it possible to get hexdumps of unprintable data with 'openssl
      asn1parse'.  By implication, the functions ASN1_parse_dump() and
      BIO_dump_indent() are added.
author	Bodo Möller <bodo@openssl.org>	2000-07-29 18:50:41 +0000
committer	Bodo Möller <bodo@openssl.org>	2000-07-29 18:50:41 +0000
commit	37569e64e8012014a4b027d896da6c6cdf372507 (patch)
tree	5a9b45aaab90f88ef9770f6d896e81f2fd6e7066 /CHANGES
parent	a657546f9c376f4b7ba4dce14649598fb1a38de5 (diff)
download	openssl-37569e64e8012014a4b027d896da6c6cdf372507.tar.gz