diff options
author | Mike DePaulo <mikedep333@gmail.com> | 2014-10-18 19:59:47 -0400 |
---|---|---|
committer | Mike DePaulo <mikedep333@gmail.com> | 2014-10-18 20:57:54 -0400 |
commit | c4962abc9b5940cdd3bed920b19334fd269df31b (patch) | |
tree | 59c80b695ba170e37a9be4edfc2770e7b50ebea1 /openssl/ssl/s23_clnt.c | |
parent | c70e12e95b569baa2274eacfbac43dd2df40c2ae (diff) | |
download | vcxsrv-c4962abc9b5940cdd3bed920b19334fd269df31b.tar.gz vcxsrv-c4962abc9b5940cdd3bed920b19334fd269df31b.tar.bz2 vcxsrv-c4962abc9b5940cdd3bed920b19334fd269df31b.zip |
Update openssl to version openssl-1.0.1j
Conflicts:
openssl/Makefile
openssl/crypto/opensslconf.h
Diffstat (limited to 'openssl/ssl/s23_clnt.c')
-rw-r--r-- | openssl/ssl/s23_clnt.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/openssl/ssl/s23_clnt.c b/openssl/ssl/s23_clnt.c index 2b93c639d..86ab3de1c 100644 --- a/openssl/ssl/s23_clnt.c +++ b/openssl/ssl/s23_clnt.c @@ -125,9 +125,11 @@ static const SSL_METHOD *ssl23_get_client_method(int ver) if (ver == SSL2_VERSION) return(SSLv2_client_method()); #endif +#ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_client_method()); - else if (ver == TLS1_VERSION) +#endif + if (ver == TLS1_VERSION) return(TLSv1_client_method()); else if (ver == TLS1_1_VERSION) return(TLSv1_1_client_method()); @@ -698,6 +700,7 @@ static int ssl23_get_server_hello(SSL *s) { /* we have sslv3 or tls1 (server hello or alert) */ +#ifndef OPENSSL_NO_SSL3 if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) { @@ -712,7 +715,9 @@ static int ssl23_get_server_hello(SSL *s) s->version=SSL3_VERSION; s->method=SSLv3_client_method(); } - else if ((p[2] == TLS1_VERSION_MINOR) && + else +#endif + if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) { s->version=TLS1_VERSION; @@ -736,6 +741,9 @@ static int ssl23_get_server_hello(SSL *s) goto err; } + /* ensure that TLS_MAX_VERSION is up-to-date */ + OPENSSL_assert(s->version <= TLS_MAX_VERSION); + if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) { /* fatal alert */ |