diff options
author | Alessandro Ghedini <alessandro@ghedini.me> | 2015-10-23 17:55:27 +0200 |
---|---|---|
committer | Alessandro Ghedini <alessandro@ghedini.me> | 2015-10-23 18:41:04 +0200 |
commit | dad0b512e649336440e2b3cc9d667c56d9a91eff (patch) | |
tree | 2172dcf1d479b926d49d30c567d23ae0fe511b57 /bugs/sslref.dif | |
parent | 8cbb048c3ea416f2bd8a3706d027f3aa26ef08d9 (diff) |
Remove bugs/ and crypto/threads/
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'bugs/sslref.dif')
-rw-r--r-- | bugs/sslref.dif | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/bugs/sslref.dif b/bugs/sslref.dif deleted file mode 100644 index 0817009bb4..0000000000 --- a/bugs/sslref.dif +++ /dev/null @@ -1,26 +0,0 @@ -The February 9th, 1995 version of the SSL document differs from -https://www.netscape.com in the following ways. -===== -The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is -KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID] -not -KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID] -as specified in the documentation. -===== -From the section 2.6 Server Only Protocol Messages - -If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE, -CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero. - -This is not true for https://www.netscape.com. The CERTIFICATE-TYPE -is returned as 1. -===== -I have not tested the following but it is reported by holtzman@mit.edu. - -SSLref clients wait to receive a server-verify before they send a -client-finished. Besides this not being evident from the examples in -2.2.1, it makes more sense to always send all packets you can before -reading. SSLeay was waiting in the server to receive a client-finish -before sending the server-verify :-). I have changed SSLeay to send a -server-verify before trying to read the client-finished. - |