Overview

File openssl-0.9.7-SSLv2-rollback-CAN-2005-2969.dif of Package compat-openssl097g

Index: doc/ssl/SSL_CTX_set_options.pod
===================================================================
RCS file: /home/cvs/openssl-cvsroot/openssl/doc/ssl/SSL_CTX_set_options.pod,v
retrieving revision 1.9.2.4
retrieving revision 1.9.2.5
diff -u -r1.9.2.4 -r1.9.2.5
--- doc/ssl/SSL_CTX_set_options.pod	22 Mar 2005 17:54:13 -0000	1.9.2.4
+++ doc/ssl/SSL_CTX_set_options.pod	11 Oct 2005 10:10:05 -0000	1.9.2.5
@@ -86,7 +86,7 @@
 
 =item SSL_OP_MSIE_SSLV2_RSA_PADDING
 
-...
+As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
 
 =item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
 
Index: ssl/s23_srvr.c
===================================================================
RCS file: /home/cvs/openssl-cvsroot/openssl/ssl/s23_srvr.c,v
retrieving revision 1.41.2.6
retrieving revision 1.41.2.7
diff -u -r1.41.2.6 -r1.41.2.7
--- ssl/s23_srvr.c	31 Jan 2005 01:33:35 -0000	1.41.2.6
+++ ssl/s23_srvr.c	11 Oct 2005 10:10:05 -0000	1.41.2.7
@@ -268,9 +268,6 @@
 	int n=0,j;
 	int type=0;
 	int v[2];
-#ifndef OPENSSL_NO_RSA
-	int use_sslv2_strong=0;
-#endif
 
 	if (s->state ==	SSL23_ST_SR_CLNT_HELLO_A)
 		{
@@ -528,9 +525,7 @@
 			}
 
 		s->state=SSL2_ST_GET_CLIENT_HELLO_A;
-		if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
-			use_sslv2_strong ||
-			(s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+		if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
 			s->s2->ssl2_rollback=0;
 		else
 			/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
Index: ssl/ssl.h
===================================================================
RCS file: /home/cvs/openssl-cvsroot/openssl/ssl/ssl.h,v
retrieving revision 1.126.2.23
retrieving revision 1.126.2.24
diff -u -r1.126.2.23 -r1.126.2.24
--- ssl/ssl.h	10 Jun 2005 20:00:39 -0000	1.126.2.23
+++ ssl/ssl.h	11 Oct 2005 10:10:05 -0000	1.126.2.24
@@ -467,7 +467,7 @@
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L /* no effect since 0.9.7h and 0.9.8b */
 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG			0x00000080L
 #define SSL_OP_TLS_D5_BUG				0x00000100L
 #define SSL_OP_TLS_BLOCK_PADDING_BUG			0x00000200L
openSUSE Build Service is sponsored by
Places