diff options
| -rw-r--r-- | CHANGES | 7 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 3 |
2 files changed, 8 insertions, 2 deletions
@@ -5,12 +5,17 @@ Changes between 0.9.2b and 0.9.3 + *) Fix new 56-bit DES export ciphersuites: they were using 7 bytes instead of + 8 of keying material. Merlin has also confirmed interop with this fix + between OpenSSL and Baltimore C/SSL 2.0 and J/SSL 2.0. + [Merlin Hughes <merlin@baltimore.ie>] + *) Fix lots of warnings. [Richard Levitte <levitte@stacken.kth.se>] *) In add_cert_dir() in crypto/x509/by_dir.c, break out of the loop if the directory spec didn't end with a LIST_SEPARATOR_CHAR. - [Richard Levitte <levitte@stacken.kth.se>] + [Richard Levitte <levitte@stacken.kth.se>] *) Fix problems with sizeof(long) == 8. [Andy Polyakov <appro@fy.chalmers.se>] diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 870dcf27de..b5f25588fd 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -201,7 +201,8 @@ #define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algorithms) #define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algorithms) #define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algorithms) -#define SSL_EXPORT_KEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 5 : 7) +#define SSL_EXPORT_KEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 5 : \ + ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7) #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024) #define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms) #define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algorithms) |