← Back to branch summary

~ubuntu-branches/ubuntu/karmic/openssl/karmic-proposed

~ubuntu-branches/ubuntu/karmic/openssl/karmic-proposed

« back to all changes in this revision

Viewing changes to ssl/d1_both.c

Committer: Bazaar Package Importer
Author(s): Marc Deslauriers
Date: 2010-08-12 08:32:19 UTC
Revision ID: james.westby@ubuntu.com-20100812083219-9srweutpnf7hiocm

Tags: 0.9.8g-16ubuntu3.2

https://launchpad.net/bugs/616759

* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
  - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
    ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
    ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
    tls1}.h: backport rfc5746 support from openssl 0.9.8m.
  - CVE-2009-3555

files added:
ssl/t1_reneg.c

files modified:
apps/s_cb.c

apps/s_client.c

apps/s_server.c

debian/changelog

doc/ssl/SSL_CTX_set_options.pod

ssl/Makefile

ssl/d1_both.c

ssl/d1_clnt.c

ssl/d1_srvr.c

ssl/s3_both.c

ssl/s3_clnt.c

ssl/s3_pkt.c

ssl/s3_srvr.c

ssl/ssl.h

ssl/ssl3.h

ssl/ssl_err.c

ssl/ssl_lib.c

ssl/ssl_locl.h

ssl/t1_lib.c

ssl/tls1.h

Show diffs side-by-side

added added

removed removed

751

751

p+=i;

752

752

l=i;

753

753

754

/* Copy the finished so we can use it for

755

* renegotiation checks

756

*/

757

if(s->type == SSL_ST_CONNECT)

758

{

759

OPENSSL_assert(i <= EVP_MAX_MD_SIZE);

760

memcpy(s->s3->previous_client_finished,

761

s->s3->tmp.finish_md, i);

762

s->s3->previous_client_finished_len=i;

763

}

764

else

765

{

766

OPENSSL_assert(i <= EVP_MAX_MD_SIZE);

767

memcpy(s->s3->previous_server_finished,

768

s->s3->tmp.finish_md, i);

769

s->s3->previous_server_finished_len=i;

770

}

771

754

772

#ifdef OPENSSL_SYS_WIN16

755

773

/* MSVC 1.5 does not clear the top bytes of the word unless

756

774

* I do this.

Older »