Updated to following packages:

freetype-2.4.10 libXaw-1.0.11 openssl-1.0.1c
author: marha <marha@users.sourceforge.net> 2012-06-15 14:04:46 +0200
committer: marha <marha@users.sourceforge.net> 2012-06-15 14:04:46 +0200
commit: a33de30073bfa0ee1abba186dba9fa52cf0aa23a (patch)
tree: 9eae122e901b9a1d1c7cfcfc2385202793a1f92a /openssl/ssl/s3_clnt.c
parent: 7a2af605c2c2b0d2e9bbb0b161eba8842acefbcb (diff)
download: vcxsrv-a33de30073bfa0ee1abba186dba9fa52cf0aa23a.tar.gz
vcxsrv-a33de30073bfa0ee1abba186dba9fa52cf0aa23a.tar.bz2
vcxsrv-a33de30073bfa0ee1abba186dba9fa52cf0aa23a.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/openssl/ssl/s3_clnt.c b/openssl/ssl/s3_clnt.c
index 4511a914a..b80d052e1 100644
--- a/openssl/ssl/s3_clnt.c
+++ b/openssl/ssl/s3_clnt.c
@@ -755,6 +755,15 @@ int ssl3_client_hello(SSL *s)
 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
 			goto err;
 			}
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+			/* Some servers hang if client hello > 256 bytes
+			 * as hack workaround chop number of supported ciphers
+			 * to keep it well below this if we use TLS v1.2
+			 */
+			if (TLS1_get_version(s) >= TLS1_2_VERSION
+				&& i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+				i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
 		s2n(i,p);
 		p+=i;
author	marha <marha@users.sourceforge.net>	2012-06-15 14:04:46 +0200
committer	marha <marha@users.sourceforge.net>	2012-06-15 14:04:46 +0200
commit	a33de30073bfa0ee1abba186dba9fa52cf0aa23a (patch)
tree	9eae122e901b9a1d1c7cfcfc2385202793a1f92a /openssl/ssl/s3_clnt.c
parent	7a2af605c2c2b0d2e9bbb0b161eba8842acefbcb (diff)
download	vcxsrv-a33de30073bfa0ee1abba186dba9fa52cf0aa23a.tar.gz vcxsrv-a33de30073bfa0ee1abba186dba9fa52cf0aa23a.tar.bz2 vcxsrv-a33de30073bfa0ee1abba186dba9fa52cf0aa23a.zip