This commit was generated by cvs2svn to compensate for changes in r101615,

which included commits to RCS files with non-trunk default branches.
This commit is contained in:
Jacques Vidrine 2002-08-10 01:46:10 +00:00
commit d96a831475
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=101616
9 changed files with 34 additions and 8 deletions

View File

@ -546,7 +546,11 @@ static int ssl3_client_hello(SSL *s)
*(p++)=i;
if (i != 0)
{
die(i <= sizeof s->session->session_id);
if (i > sizeof s->session->session_id)
{
SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_INTERNAL_ERROR);
goto err;
}
memcpy(p,s->session->session_id,i);
p+=i;
}

View File

@ -949,7 +949,11 @@ static int ssl3_send_server_hello(SSL *s)
s->session->session_id_length=0;
sl=s->session->session_id_length;
die(sl <= sizeof s->session->session_id);
if (sl > sizeof s->session->session_id)
{
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_INTERNAL_ERROR);
return -1;
}
*(p++)=sl;
memcpy(p,s->session->session_id,sl);
p+=sl;

View File

@ -1285,6 +1285,7 @@ void ERR_load_SSL_strings(void);
/* Function codes. */
#define SSL_F_CLIENT_CERTIFICATE 100
#define SSL_F_CLIENT_FINISHED 238
#define SSL_F_CLIENT_HELLO 101
#define SSL_F_CLIENT_MASTER_KEY 102
#define SSL_F_D2I_SSL_SESSION 103
@ -1298,7 +1299,9 @@ void ERR_load_SSL_strings(void);
#define SSL_F_I2D_SSL_SESSION 111
#define SSL_F_READ_N 112
#define SSL_F_REQUEST_CERTIFICATE 113
#define SSL_F_SERVER_FINISH 239
#define SSL_F_SERVER_HELLO 114
#define SSL_F_SERVER_VERIFY 240
#define SSL_F_SSL23_ACCEPT 115
#define SSL_F_SSL23_CLIENT_HELLO 116
#define SSL_F_SSL23_CONNECT 117
@ -1310,6 +1313,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL2_ACCEPT 122
#define SSL_F_SSL2_CONNECT 123
#define SSL_F_SSL2_ENC_INIT 124
#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241
#define SSL_F_SSL2_PEEK 234
#define SSL_F_SSL2_READ 125
#define SSL_F_SSL2_READ_INTERNAL 236
@ -1345,6 +1349,7 @@ void ERR_load_SSL_strings(void);
#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
#define SSL_F_SSL3_SEND_SERVER_HELLO 242
#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
#define SSL_F_SSL3_SETUP_BUFFERS 156
#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
@ -1559,6 +1564,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_SHORT_READ 219
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 1114
#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113
#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042

View File

@ -274,9 +274,10 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp,
if (os.length > i)
os.length = i;
if (os.length > sizeof ret->session_id) /* can't happen */
os.length = sizeof ret->session_id;
ret->session_id_length=os.length;
die(os.length <= sizeof ret->session_id);
memcpy(ret->session_id,os.data,os.length);
M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);

View File

@ -67,6 +67,7 @@
static ERR_STRING_DATA SSL_str_functs[]=
{
{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
{ERR_PACK(0,SSL_F_CLIENT_FINISHED,0), "CLIENT_FINISHED"},
{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
@ -80,7 +81,9 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
{ERR_PACK(0,SSL_F_SERVER_FINISH,0), "SERVER_FINISH"},
{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
{ERR_PACK(0,SSL_F_SERVER_VERIFY,0), "SERVER_VERIFY"},
{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
@ -92,6 +95,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
{ERR_PACK(0,SSL_F_SSL2_GENERATE_KEY_MATERIAL,0), "SSL2_GENERATE_KEY_MATERIAL"},
{ERR_PACK(0,SSL_F_SSL2_PEEK,0), "SSL2_PEEK"},
{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
{ERR_PACK(0,SSL_F_SSL2_READ_INTERNAL,0), "SSL2_READ_INTERNAL"},
@ -127,6 +131,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_HELLO,0), "SSL3_SEND_SERVER_HELLO"},
{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
@ -344,6 +349,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{SSL_R_SHORT_READ ,"short read"},
{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"},
{SSL_R_SSL2_CONNECTION_ID_TOO_LONG ,"ssl2 connection id too long"},
{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"},
{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},

View File

@ -500,7 +500,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
int ssl_verify_alarm_type(long type);
int ssl2_enc_init(SSL *s, int client);
void ssl2_generate_key_material(SSL *s);
int ssl2_generate_key_material(SSL *s);
void ssl2_enc(SSL *s,int send_data);
void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);

View File

@ -200,7 +200,12 @@ int ssl_get_new_session(SSL *s, int session)
ss->session_id_length=0;
}
die(s->sid_ctx_length <= sizeof ss->sid_ctx);
if (s->sid_ctx_length > sizeof ss->sid_ctx)
{
SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_INTERNAL_ERROR);
SSL_SESSION_free(ss);
return 0;
}
memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length);
ss->sid_ctx_length=s->sid_ctx_length;
s->session=ss;

View File

@ -1,4 +1,4 @@
#!/usr/local/bin/perl5
#!/usr/local/bin/perl
# Perl c_rehash script, scan all files in a directory

View File

@ -320,7 +320,7 @@ EOF
print OUT <<"EOF";
/* $cfile */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions