diff options
author | marha <marha@users.sourceforge.net> | 2014-10-19 11:34:57 +0200 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2014-10-19 11:34:57 +0200 |
commit | 8cd093f61168a373d919c68e0ce4e04949fa4eb6 (patch) | |
tree | d1bc1dd33da84a22d6ab30aa9f7efb79b592ffda /openssl/ssl/s23_clnt.c | |
parent | 9fc852414dd4e841c4e2229f55a3e41abca64ac5 (diff) | |
parent | a14858a22f164b5accc4bd192a5d3de21d88e3d1 (diff) | |
download | vcxsrv-8cd093f61168a373d919c68e0ce4e04949fa4eb6.tar.gz vcxsrv-8cd093f61168a373d919c68e0ce4e04949fa4eb6.tar.bz2 vcxsrv-8cd093f61168a373d919c68e0ce4e04949fa4eb6.zip |
Merge remote-tracking branch 'origin/released'
Conflicts:
openssl/Makefile
openssl/crypto/opensslconf.h
Diffstat (limited to 'openssl/ssl/s23_clnt.c')
-rw-r--r-- | openssl/ssl/s23_clnt.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/openssl/ssl/s23_clnt.c b/openssl/ssl/s23_clnt.c index 2b93c639d..86ab3de1c 100644 --- a/openssl/ssl/s23_clnt.c +++ b/openssl/ssl/s23_clnt.c @@ -125,9 +125,11 @@ static const SSL_METHOD *ssl23_get_client_method(int ver) if (ver == SSL2_VERSION) return(SSLv2_client_method()); #endif +#ifndef OPENSSL_NO_SSL3 if (ver == SSL3_VERSION) return(SSLv3_client_method()); - else if (ver == TLS1_VERSION) +#endif + if (ver == TLS1_VERSION) return(TLSv1_client_method()); else if (ver == TLS1_1_VERSION) return(TLSv1_1_client_method()); @@ -698,6 +700,7 @@ static int ssl23_get_server_hello(SSL *s) { /* we have sslv3 or tls1 (server hello or alert) */ +#ifndef OPENSSL_NO_SSL3 if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) { @@ -712,7 +715,9 @@ static int ssl23_get_server_hello(SSL *s) s->version=SSL3_VERSION; s->method=SSLv3_client_method(); } - else if ((p[2] == TLS1_VERSION_MINOR) && + else +#endif + if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) { s->version=TLS1_VERSION; @@ -736,6 +741,9 @@ static int ssl23_get_server_hello(SSL *s) goto err; } + /* ensure that TLS_MAX_VERSION is up-to-date */ + OPENSSL_assert(s->version <= TLS_MAX_VERSION); + if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) { /* fatal alert */ |