From 37569e64e8012014a4b027d896da6c6cdf372507 Mon Sep 17 00:00:00 2001
From: Bodo Möller
Date: Sat, 29 Jul 2000 18:50:41 +0000
Subject: Fix SSL 2.0 rollback checking: The previous implementation of the test was never triggered due to an off-by-one error. In s23_clnt.c, don't use special rollback-attack detection padding (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the client; similarly, in s23_srvr.c, don't do the rollback check if SSL 2.0 is the only protocol enabled in the server.
---
crypto/rsa/rsa_ssl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'crypto/rsa/rsa_ssl.c')
diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
index 81a857c813..482f4a8273 100644
--- a/crypto/rsa/rsa_ssl.c
+++ b/crypto/rsa/rsa_ssl.c
@@ -134,7 +134,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
 {
 if (p[k] != 0x03) break;
 }
- if (k == 0)
+ if (k == -1)
 {
 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
 return(-1);
-- cgit v1.2.3
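Review bot: The new comparison `if (k == -1)` relies on -1 being the value `k` holds when the preceding scan loop finishes without hitting its `break`, but the loop header is outside the hunk and nothing at this line records that relationship; the old `k == 0` survived precisely because the sentinel was implicit. Add a comment above the check, e.g. `/* k reached the loop bound: every scanned byte was 0x03, the SSLv3 rollback-detection padding */`, or compare against the same named bound the loop uses rather than a second literal that must be kept in sync by hand. Separately, the `RSAerr(..., RSA_R_SSLV3_ROLLBACK_ATTACK)` reason code lets a caller distinguish this failure from the other padding failures in the same function; if that distinction is ever observable to the peer it acts as a padding oracle, so callers should collapse all decryption-padding failures into one indistinguishable path. RSA_padding_check_SSLv23's body starts and ends outside the hunk.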