The branch OpenSSL_1_1_0-stable has been updated via a0f443a05dd68b9949b39b3310a595babcae4624 (commit) from f48e0ef1144c647a3159a71db114598d8fb6adc9 (commit)
- Log ----------------------------------------------------------------- commit a0f443a05dd68b9949b39b3310a595babcae4624 Author: Rich Salz <rs...@openssl.org> Date: Tue Aug 7 15:28:59 2018 -0400 Increase CT_NUMBER values Also add build-time errors to keep them in sync. Thanks to GitHub user YuDudysheva for reporting this. Reviewed-by: Richard Levitte <levi...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6874) (cherry picked from commit b5ee517794cf546dc7e3d5a82b400955a7381053) ----------------------------------------------------------------------- Summary of changes: include/openssl/ssl3.h | 10 ++++++++-- include/openssl/tls1.h | 8 +++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h index 4ca434e..e51629f 100644 --- a/include/openssl/ssl3.h +++ b/include/openssl/ssl3.h @@ -252,9 +252,15 @@ extern "C" { # define SSL3_CT_FORTEZZA_DMS 20 /* * SSL3_CT_NUMBER is used to size arrays and it must be large enough to - * contain all of the cert types defined either for SSLv3 and TLSv1. + * contain all of the cert types defined for *either* SSLv3 and TLSv1. */ -# define SSL3_CT_NUMBER 9 +# define SSL3_CT_NUMBER 10 + +# if defined(TLS_CT_NUMBER) +# if TLS_CT_NUMBER != SSL3_CT_NUMBER +# error "SSL/TLS CT_NUMBER values do not match" +# endif +# endif # define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index 3fe01fe..b536d84 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -883,7 +883,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see * comment there) */ -# define TLS_CT_NUMBER 9 +# define TLS_CT_NUMBER 10 + +# if defined(SSL3_CT_NUMBER) +# if TLS_CT_NUMBER != SSL3_CT_NUMBER +# error "SSL/TLS CT_NUMBER values do not match" +# endif +# endif # define TLS1_FINISH_MAC_LENGTH 12 _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits