diff options
| author | Mark J. Cox <mark@openssl.org> | 1999-02-16 09:22:21 +0000 |
|---|---|---|
| committer | Mark J. Cox <mark@openssl.org> | 1999-02-16 09:22:21 +0000 |
| commit | 413c4f45ed0508d2242638696b7665f499d68265 (patch) | |
| tree | 5a5e667f7fc9cb548ab3b24dd02fff78e1b8f282 /ssl/t1_enc.c | |
| parent | a8236c8c322101c273d14c62282f264555e147c4 (diff) | |
| download | openssl-new-413c4f45ed0508d2242638696b7665f499d68265.tar.gz | |
Updates to the new SSL compression code
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Fix so that the version number in the master secret, when passed
via RSA, checks that if TLS was proposed, but we roll back to SSLv3
(because the server will not accept higher), that the version number
is 0x03,0x01, not 0x03,0x00
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
Submitted by:
Reviewed by:
PR:
Diffstat (limited to 'ssl/t1_enc.c')
| -rw-r--r-- | ssl/t1_enc.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index ac9da4da3a..f228295bba 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -57,6 +57,7 @@ */ #include <stdio.h> +#include "comp.h" #include "evp.h" #include "hmac.h" #include "ssl_locl.h" @@ -175,7 +176,7 @@ int which; int client_write; EVP_CIPHER_CTX *dd; EVP_CIPHER *c; - COMP_METHOD *comp; + SSL_COMP *comp; EVP_MD *m; int exp,n,i,j,k,exp_label_len,cl; @@ -200,14 +201,15 @@ int which; } if (comp != NULL) { - s->expand=COMP_CTX_new(comp); + s->expand=COMP_CTX_new(comp->method); if (s->expand == NULL) { SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); goto err2; } - s->s3->rrec.comp=(unsigned char *) - Malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); + if (s->s3->rrec.comp == NULL) + s->s3->rrec.comp=(unsigned char *) + Malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); if (s->s3->rrec.comp == NULL) goto err; } @@ -229,7 +231,7 @@ int which; } if (comp != NULL) { - s->compress=COMP_CTX_new(comp); + s->compress=COMP_CTX_new(comp->method); if (s->compress == NULL) { SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); @@ -346,11 +348,12 @@ SSL *s; EVP_CIPHER *c; EVP_MD *hash; int num,exp; + SSL_COMP *comp; if (s->s3->tmp.key_block_length != 0) return(1); - if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash)) + if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp)) { SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE); return(0); @@ -504,7 +507,7 @@ unsigned char *out; unsigned int ret; EVP_MD_CTX ctx; - memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX)); + EVP_MD_CTX_copy(&ctx,in_ctx); EVP_DigestFinal(&ctx,out,&ret); return((int)ret); } @@ -525,10 +528,10 @@ unsigned char *out; memcpy(q,str,slen); q+=slen; - memcpy(&ctx,in1_ctx,sizeof(EVP_MD_CTX)); + EVP_MD_CTX_copy(&ctx,in1_ctx); EVP_DigestFinal(&ctx,q,&i); q+=i; - memcpy(&ctx,in2_ctx,sizeof(EVP_MD_CTX)); + EVP_MD_CTX_copy(&ctx,in2_ctx); EVP_DigestFinal(&ctx,q,&i); q+=i; |