Sorry, I don't know exactly which version these changes were made in.
I am upgrading from version `d' to version `g'.

I have the following differences in s3_clnt.c.  The problems are that
the cryptlib.h header is in the crypto directory.  Should I put this
on the include path when building the SSL library or would it make
more sense to use the "openssl" copy?  I.e., change,

    `#include "cryptlib.h"' 
to 

    `#include <openssl/cryptlib.h>'

The other thing is that the sizeof operation produces an "unsigned
int" and the variables they are being compared to are ints.  So I
changed this,

+       if (i > sizeof s->session->session_id)

to 

+       if (i > (int)sizeof s->session->session_id)

I am compiling the libraries with GCC "2.7.9-970819 egcs-971225
tornado 2.0" and have all warnings enabled and treat them as errors (-Wall
-Werror).  Are the *nix versions compiling with warnings?  Perhaps the
cast should have been on `i', now that I think about it, as the
structure size is invariant (and less than MAX_INT).

There are a few other things, but porting between versions is pretty
easy.

Thanks,
Bill Pringlemeir.

*** c:/TEMP/s3_clnt.c.~1.2~     Wed Aug 14 17:09:00 2002
--- c:/TEMP/s3_clnt.c   Wed Aug 14 17:09:00 2002
***************
*** 117,122 ****
--- 117,123 ----
  #include "ssl_locl.h"
+ #include "cryptlib.h"
  
  static SSL_METHOD *ssl3_get_client_method(int ver);
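
Review bot: the added #include "cryptlib.h" pulls in, by quoted name, a header that the message above says lives in the crypto directory, so s3_clnt.c only builds if that directory is on the include path for the SSL library. The checks added in the other two hunks use SSLerr and alert/reason codes, and nothing visible there obviously needs this header. Please state in the patch what the include is for, or drop it if nothing in the file uses it.
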
***************
*** 545,550 ****
--- 546,556 ----
                if (i != 0)
                        {
+                       if (i > (int)sizeof s->session->session_id)
+                               {
+                               SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_INTERNAL_ERROR);
+                               goto err;
+                               }
                        memcpy(p,s->session->session_id,i);
                        p+=i;
                        }
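
Review bot: the new test "if (i > (int)sizeof s->session->session_id)" bounds i only from above. With i a signed int, as the message states, a negative value passes both this test and the enclosing "if (i != 0)" and reaches memcpy(p,s->session->session_id,i), where it is converted to a very large size. Comparing in the unsigned domain, for example "(unsigned int)i > sizeof s->session->session_id", or adding "i < 0 ||" to the condition, rejects that case and also clears the signed/unsigned warning without casting the sizeof result.
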
***************
*** 625,630 ****
--- 631,644 ----
  
        /* get the session-id */
        j= *(p++);
+ 
+        if(j > sizeof s->session->session_id)
+                {
+                al=SSL_AD_ILLEGAL_PARAMETER;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+                       SSL_R_SSL3_SESSION_ID_TOO_LONG);
+                goto f_err;
+                }
  
        if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
                {
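
Review bot: "if(j > sizeof s->session->session_id)" compares j with the unsigned result of sizeof and has no cast, unlike the matching check in the client-hello hunk. The two checks are therefore inconsistent, and if j is an int this one raises the same signed/unsigned warning the message describes. Use one form in both places, preferably the unsigned comparison, and write "if (" with a space to match the "if ((j != 0) && ..." line that follows.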

-- 
It is reasoning and faith that bind truth .  - Rod Ryker...

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
