Bugfix: larger message size in ssl3_get_key_exchange() because

ServerKeyExchange message may be skipped. Submitted by: Petr Lampa <lampa@fee.vutbr.cz>
author: Bodo Möller <bodo@openssl.org> 2001-08-07 09:30:18 +0000
committer: Bodo Möller <bodo@openssl.org> 2001-08-07 09:30:18 +0000
commit: 37a7cd1a11827af12801a535ad9b17bdca96caeb (patch)
tree: d26649b935c4479b3716734d0794d042f3b214ff /CHANGES
parent: 3a2d9c4dd0b2d75aca3decae7737304b9024dc34 (diff)
download: openssl-37a7cd1a11827af12801a535ad9b17bdca96caeb.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 488ad3db06..c969141757 100644
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,12 @@
          *) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
          +) applies to 0.9.7 only
 
+  *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
+     with the same message size as in ssl3_get_certificate_request().
+     Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
+     messages might inadvertently be reject as too long.
+     [Petr Lampa <lampa@fee.vutbr.cz>]
+
   +) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
      bug workarounds. Rollback attack detection is a security feature.
      The problem will only arise on OpenSSL servers when TLSv1 is not
author	Bodo Möller <bodo@openssl.org>	2001-08-07 09:30:18 +0000
committer	Bodo Möller <bodo@openssl.org>	2001-08-07 09:30:18 +0000
commit	37a7cd1a11827af12801a535ad9b17bdca96caeb (patch)
tree	d26649b935c4479b3716734d0794d042f3b214ff /CHANGES
parent	3a2d9c4dd0b2d75aca3decae7737304b9024dc34 (diff)
download	openssl-37a7cd1a11827af12801a535ad9b17bdca96caeb.tar.gz