/[smeserver]/rpms/ipsvd/sme7/matrix.decode.debug.patch
ViewVC logotype

Annotation of /rpms/ipsvd/sme7/matrix.decode.debug.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Oct 3 18:33:20 2007 UTC (17 years, 2 months ago) by slords
Branch: MAIN
CVS Tags: ipsvd-0_12_1-5_el4_sme, ipsvd-0_12_1-4_el4_sme, HEAD
updates

1 slords 1.1 --- matrixssl/src/sslDecode.c.orig 2007-08-17 14:12:23.000000000 -0400
2     +++ matrixssl/src/sslDecode.c 2007-08-17 15:56:46.000000000 -0400
3     @@ -619,6 +619,8 @@
4     First two bytes are the highest supported major and minor SSL versions
5     We support only 3.0 (support 3.1 in commercial version)
6     */
7     + matrixStrDebugMsg("c is %u\n", c);
8     + matrixStrDebugMsg("end is %u\n", end);
9     if (end - c < 2) {
10     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
11     matrixStrDebugMsg("Invalid ssl header version length\n", NULL);
12     @@ -626,6 +628,7 @@
13     }
14     ssl->reqMajVer = *c; c++;
15     ssl->reqMinVer = *c; c++;
16     + matrixStrDebugMsg("after version number c is %u\n", c);
17     if (ssl->reqMajVer >= SSL3_MAJ_VER) {
18     ssl->majVer = ssl->reqMajVer;
19     ssl->minVer = SSL3_MIN_VER;
20     @@ -651,7 +654,9 @@
21     }
22     memcpy(ssl->sec.clientRandom, c, SSL_HS_RANDOM_SIZE);
23     c += SSL_HS_RANDOM_SIZE;
24     + matrixStrDebugMsg("after random block c is %u\n", c);
25     ssl->sessionIdLen = *c; c++;
26     + matrixStrDebugMsg("before session id c is %u\n", c);
27     /*
28     If a session length was specified, the client is asking to
29     resume a previously established session to speed up the handshake.
30     @@ -685,6 +690,7 @@
31     */
32     ssl->flags &= ~SSL_FLAGS_RESUMED;
33     }
34     + matrixStrDebugMsg("after session id c is %u\n", c);
35     /*
36     Next is the two byte cipher suite list length, network byte order.
37     It must not be zero, and must be a multiple of two.
38     @@ -696,6 +702,7 @@
39     }
40     suiteLen = *c << 8; c++;
41     suiteLen += *c; c++;
42     + matrixStrDebugMsg("before cipher list c is %u\n", c);
43     if (suiteLen == 0 || suiteLen & 1) {
44     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
45     matrixIntDebugMsg("Unable to parse cipher suite list: %d\n",
46     @@ -732,6 +739,7 @@
47     }
48     }
49     }
50     + matrixStrDebugMsg("after cipher suites c is %u\n", c);
51     /*
52     If we fell to the default cipher suite, we didn't have
53     any in common with the client, or the client is being bad
54     @@ -750,6 +758,7 @@
55     and value 0 (second byte). There are no compression schemes defined
56     for SSLv3
57     */
58     + matrixStrDebugMsg("before compression header length c is %u\n", c);
59     if (end - c < 1) {
60     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
61     matrixStrDebugMsg("Invalid compression header length\n", NULL);
62     @@ -762,6 +771,7 @@
63     return SSL_ERROR;
64     }
65     c += extLen;
66     + matrixStrDebugMsg("after comps c is %u\n", c);
67    
68     if (ssl->reqMinVer == SSL3_MIN_VER && extLen != 1) {
69     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
70     @@ -773,14 +783,17 @@
71     to parse here: Two byte length and extension info.
72     http://www.faqs.org/rfcs/rfc3546.html
73     */
74     - if (ssl->reqMinVer >= TLS_MIN_VER && c != end) {
75     + /*if (ssl->reqMinVer >= TLS_MIN_VER && c != end) {*/
76     + if (c != end) {
77     if (end - c < 2) {
78     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
79     matrixStrDebugMsg("Invalid extension header len\n", NULL);
80     return SSL_ERROR;
81     }
82     + matrixStrDebugMsg("before extLen c is %u\n", c);
83     extLen = *c << 8; c++;
84     extLen += *c; c++;
85     + matrixStrDebugMsg("before extensions c is %u\n", c);
86     if (end - c < extLen) {
87     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
88     matrixStrDebugMsg("Invalid extension header len\n", NULL);
89     @@ -793,6 +806,7 @@
90     just skip over all extensions, ignoring them.
91     */
92     c += extLen;
93     + matrixStrDebugMsg("after extensions c is %u\n", c);
94     }
95     } else {
96     /*
97     @@ -885,6 +899,8 @@
98     if (c != end) {
99     ssl->err = SSL_ALERT_ILLEGAL_PARAMETER;
100     matrixStrDebugMsg("Invalid final client hello length\n", NULL);
101     + matrixStrDebugMsg("parsed to %u\n", c);
102     + matrixStrDebugMsg("end at %u\n", end);
103     return SSL_ERROR;
104     }
105    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed