authorBodo Möller <bodo@openssl.org>2001-10-20 17:56:36 +0000
committerBodo Möller <bodo@openssl.org>2001-10-20 17:56:36 +0000
commita661b6535744f41b428bb35a7fc3e5747900e9ef (patch)
treeb0407e3532c11891d2a7a9d22475a2db85db5ce7 /ssl/s3_srvr.c
parent98e665493818493e9a2bb4fce30127aca052f47a (diff)
New functions SSL[_CTX]_set_msg_callback().
New macros SSL[_CTX]_set_msg_callback_arg(). Message callback implementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enables a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices.
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r--ssl/s3_srvr.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index d838bb9..9cea6e3 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -670,6 +670,18 @@ static int ssl3_get_client_hello(SSL *s)
s->client_version=(((int)p[0])<<8)|(int)p[1];
p+=2;
+ if (s->client_version < s->version)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
+ if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
+ {
+ /* similar to ssl3_get_record, send alert using remote version number */
+ s->version = s->client_version;
+ }
+ al = SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+
/* load the client random */
memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
p+=SSL3_RANDOM_SIZE;
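Review bot: The assignment `s->version = s->client_version;` in the inner branch stores a peer-supplied value in connection state, and the comment does not say that this is acceptable only because control goes straight to `f_err`. I would make that invariant explicit, for example `/* fatal path only: adopt the client's 3.x version so it can parse the alert record; s->version must not be consulted for negotiation after this point */`. The `f_err` label and the rest of ssl3_get_client_hello are outside the hunk, so whether anything on that path reads `s->version` beyond building the alert record should be confirmed there. It would also help to note above the outer `if` that only `client_version < s->version` is rejected, because a higher client version is a legitimate offer rather than an error.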