Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
openssl-1_0_0.31472
openssl-record_msg_callback.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-record_msg_callback.patch of Package openssl-1_0_0.31472
From 6b6d0369588de4fa27e2dd180ccd06bef6b2d261 Mon Sep 17 00:00:00 2001 From: Vitezslav Cizek <vcizek@suse.com> Date: Thu, 16 Aug 2018 16:49:22 +0200 Subject: [PATCH] ssl/s23_clnt.c: set TLS version to 0 in msg_callback for record messages In some cases, the msg_callback was invoked on the record protocol messages without setting the version to zero. This confuses the applications which then misinterpret the record's content. Eg. the record layer ContentType value 22 (handshake) gets mistakenly interpreted as HandshakeType value 22 (certificate_status). This was fixed in 1.1 and above by the version negotiation rewrite (a3680c8f9c33d4190c367572645980ccdb9d5bbf) --- ssl/s23_clnt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: openssl-1.0.2p/ssl/s23_clnt.c =================================================================== --- openssl-1.0.2p.orig/ssl/s23_clnt.c 2018-08-14 14:48:59.000000000 +0200 +++ openssl-1.0.2p/ssl/s23_clnt.c 2018-11-23 16:04:33.398575976 +0100 @@ -606,7 +606,7 @@ static int ssl23_client_hello(SSL *s) s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2, ret - 2, s, s->msg_callback_arg); else { - s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, + s->msg_callback(1, 0, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg); s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data + 5, ret - 5, s, @@ -792,7 +792,7 @@ static int ssl23_get_server_hello(SSL *s } if (s->msg_callback) { - s->msg_callback(0, s->version, SSL3_RT_HEADER, p, 5, s, + s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s, s->msg_callback_arg); s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s, s->msg_callback_arg);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor