tolerate extra data at end of client hello for SSL 3.0

PR: 659
author: Bodo Möller <bodo@openssl.org> 2003-07-21 19:17:49 +0400
committer: Bodo Möller <bodo@openssl.org> 2003-07-21 19:17:49 +0400
commit: 5cc2658cffbff48ea1990274955c18e5ad098659 (patch)
tree: 3d3fd99be43e24d58048b81defeaa2d710f90919 /ssl
parent: 2f4335ec2ba2c899b452a99585b21e04421d65fa (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 58cf774967..bb029cfa1d 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -844,6 +844,9 @@ static int ssl3_get_client_hello(SSL *s)
 		}
 
 	/* TLS does not mind if there is extra stuff */
+#if 0   /* SSL 3.0 does not mind either, so we should disable this test
+         * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
+         * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
 	if (s->version == SSL3_VERSION)
 		{
 		if (p < (d+n))
@@ -855,6 +858,7 @@ static int ssl3_get_client_hello(SSL *s)
 			goto f_err;
 			}
 		}
+#endif
 
 	/* Given s->session->ciphers and SSL_get_ciphers, we must
 	 * pick a cipher */
author	Bodo Möller <bodo@openssl.org>	2003-07-21 19:17:49 +0400
committer	Bodo Möller <bodo@openssl.org>	2003-07-21 19:17:49 +0400
commit	5cc2658cffbff48ea1990274955c18e5ad098659 (patch)
tree	3d3fd99be43e24d58048b81defeaa2d710f90919 /ssl
parent	2f4335ec2ba2c899b452a99585b21e04421d65fa (diff)