diff options
author | Bodo Möller <bodo@openssl.org> | 2000-02-21 10:16:30 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2000-02-21 10:16:30 +0000 |
commit | 745c70e5658d176a87965526d8839a7da79a6240 (patch) | |
tree | 28a773e16a41d2a732768259aa887b1f3867e65c /CHANGES | |
parent | 9dd2b2a94092a4a467f9a5fde6973b4df872fd6b (diff) |
Move MAC computations for Finished from ssl3_read_bytes into
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 19 |
1 files changed, 17 insertions, 2 deletions
@@ -4,6 +4,22 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 2000] + *) ..._ctrl functions now have corresponding ..._callback_ctrl functions + where the 'void *' argument is replaced by a function pointer argument. + Previously 'void *' was abused to point to functions, which works on + many platforms, but is not correct. As these functions are usually + called by macros defined in OpenSSL header files, most source code + should work without changes. + + *) <openssl/opensslconf.h> (which is created by Configure) now contains + sections with information on -D... compiler switches used for + compiling the library so that applications can see them. To enable + one of these sections, a pre-processor symbol OPENSSL_..._DEFINES + must be defined. E.g., + #define OPENSSL_ALGORITHM_DEFINES + #include <openssl/opensslconf.h> + defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc. + *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS record layer. [Bodo Moeller] @@ -341,8 +357,7 @@ To get OpenSSL to support MS SGC we have to permit a second client hello message after we have sent server done. In addition we have to - reset the MAC if we do get this second client hello and include the - data just received. + reset the MAC if we do get this second client hello. [Steve Henson] *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide |