Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
b49124f6
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
9 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
b49124f6
编写于
9月 21, 2001
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
just sent a HelloRequest.
上级
2260ad21
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
22 addition
and
20 deletion
+22
-20
CHANGES
CHANGES
+4
-2
ssl/s3_srvr.c
ssl/s3_srvr.c
+17
-16
ssl/ssl.h
ssl/ssl.h
+1
-2
未找到文件。
CHANGES
浏览文件 @
b49124f6
...
...
@@ -30,11 +30,13 @@
*) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
should end in 'break', not 'goto end' which circuments various
cleanups.
cleanups done in state SSL_ST_OK. But session related stuff
must be disabled for SSL_ST_OK in the case that we just sent a
HelloRequest.
Also avoid some overhead by not calling ssl_init_wbio_buffer()
before just sending a HelloRequest.
[Bodo Moeller]
[Bodo Moeller
, Eric Rescorla <ekr@rtfm.com>
]
*) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
reveal whether illegal block cipher padding was found or a MAC
...
...
ssl/s3_srvr.c
浏览文件 @
b49124f6
...
...
@@ -170,6 +170,7 @@ int ssl3_accept(SSL *s)
long
num1
;
int
ret
=
-
1
;
int
new_state
,
state
,
skip
=
0
;
int
got_new_session
=
0
;
RAND_add
(
&
Time
,
sizeof
(
Time
),
0
);
ERR_clear_error
();
...
...
@@ -282,6 +283,7 @@ int ssl3_accept(SSL *s)
s
->
shutdown
=
0
;
ret
=
ssl3_get_client_hello
(
s
);
if
(
ret
<=
0
)
goto
end
;
got_new_session
=
1
;
s
->
state
=
SSL3_ST_SW_SRVR_HELLO_A
;
s
->
init_num
=
0
;
break
;
...
...
@@ -522,20 +524,24 @@ int ssl3_accept(SSL *s)
/* remove buffering on output */
ssl_free_wbio_buffer
(
s
);
if
(
s
->
new_session
==
2
)
s
->
new_session
=
0
;
/* if s->new_session is still 1, we have only sent a HelloRequest */
s
->
init_num
=
0
;
ssl_update_cache
(
s
,
SSL_SESS_CACHE_SERVER
);
s
->
ctx
->
stats
.
sess_accept_good
++
;
/* s->server=1; */
s
->
handshake_func
=
ssl3_accept
;
ret
=
1
;
if
(
cb
!=
NULL
)
cb
(
s
,
SSL_CB_HANDSHAKE_DONE
,
1
);
if
(
got_new_session
)
/* skipped if we just sent a HelloRequest */
{
/* actually not necessarily a 'new' session unless
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
s
->
new_session
=
0
;
ssl_update_cache
(
s
,
SSL_SESS_CACHE_SERVER
);
s
->
ctx
->
stats
.
sess_accept_good
++
;
/* s->server=1; */
s
->
handshake_func
=
ssl3_accept
;
if
(
cb
!=
NULL
)
cb
(
s
,
SSL_CB_HANDSHAKE_DONE
,
1
);
}
goto
end
;
/* break; */
...
...
@@ -702,11 +708,6 @@ static int ssl3_get_client_hello(SSL *s)
}
}
if
(
s
->
new_session
)
/* actually not necessarily a 'new' section unless
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
s
->
new_session
=
2
;
p
+=
j
;
n2s
(
p
,
i
);
if
((
i
==
0
)
&&
(
j
!=
0
))
...
...
ssl/ssl.h
浏览文件 @
b49124f6
...
...
@@ -643,8 +643,7 @@ struct ssl_st
int
server
;
/* are we the server side? - mostly used by SSL_clear*/
int
new_session
;
/* 1 if we are to use a new session,
* (sometimes 2 after a new session has in fact been assigned).
int
new_session
;
/* 1 if we are to use a new session.
* NB: For servers, the 'new' session may actually be a previously
* cached session or even the previous session unless
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录