diff options
author | Mark J. Cox <mark@openssl.org> | 1999-02-16 09:22:21 +0000 |
---|---|---|
committer | Mark J. Cox <mark@openssl.org> | 1999-02-16 09:22:21 +0000 |
commit | 413c4f45ed0508d2242638696b7665f499d68265 (patch) | |
tree | 5a5e667f7fc9cb548ab3b24dd02fff78e1b8f282 /ssl/s3_enc.c | |
parent | a8236c8c322101c273d14c62282f264555e147c4 (diff) | |
download | openssl-413c4f45ed0508d2242638696b7665f499d68265.tar.gz |
Updates to the new SSL compression code
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Fix so that the version number in the master secret, when passed
via RSA, checks that if TLS was proposed, but we roll back to SSLv3
(because the server will not accept higher), that the version number
is 0x03,0x01, not 0x03,0x00
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Submitted by:
Reviewed by:
PR:
Diffstat (limited to 'ssl/s3_enc.c')
-rw-r--r-- | ssl/s3_enc.c | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index c5c9a3be42..a655e12bec 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -144,7 +144,10 @@ int which; exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0; c=s->s3->tmp.new_sym_enc; m=s->s3->tmp.new_hash; - comp=s->s3->tmp.new_compression; + if (s->s3->tmp.new_compression == NULL) + comp=NULL; + else + comp=s->s3->tmp.new_compression->method; key_block=s->s3->tmp.key_block; if (which & SSL3_CC_READ) @@ -169,8 +172,9 @@ int which; SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); goto err2; } - s->s3->rrec.comp=(unsigned char *) - Malloc(SSL3_RT_MAX_PLAIN_LENGTH); + if (s->s3->rrec.comp == NULL) + s->s3->rrec.comp=(unsigned char *) + Malloc(SSL3_RT_MAX_PLAIN_LENGTH); if (s->s3->rrec.comp == NULL) goto err; } @@ -280,11 +284,12 @@ SSL *s; EVP_CIPHER *c; EVP_MD *hash; int num,exp; + SSL_COMP *comp; if (s->s3->tmp.key_block_length != 0) return(1); - if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash)) + if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp)) { SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE); return(0); @@ -292,11 +297,7 @@ SSL *s; s->s3->tmp.new_sym_enc=c; s->s3->tmp.new_hash=hash; -#ifdef ZLIB - s->s3->tmp.new_compression=COMP_zlib(); -#endif -/* s->s3->tmp.new_compression=COMP_rle(); */ -/* s->session->compress_meth= xxxxx */ + s->s3->tmp.new_compression=comp; exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0; @@ -454,7 +455,7 @@ unsigned char *p; unsigned char md_buf[EVP_MAX_MD_SIZE]; EVP_MD_CTX ctx; - memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX)); + EVP_MD_CTX_copy(&ctx,in_ctx); n=EVP_MD_CTX_size(&ctx); npad=(48/n)*n; |