s3_srvr.c (100936) | s3_srvr.c (101615) |
---|---|
1/* ssl/s3_srvr.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 935 unchanged lines hidden (view full) --- 944 * session-id if we want it to be single use. 945 * Currently I will not implement the '0' length session-id 946 * 12-Jan-98 - I'll now support the '0' length stuff. 947 */ 948 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) 949 s->session->session_id_length=0; 950 951 sl=s->session->session_id_length; | 1/* ssl/s3_srvr.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 935 unchanged lines hidden (view full) --- 944 * session-id if we want it to be single use. 945 * Currently I will not implement the '0' length session-id 946 * 12-Jan-98 - I'll now support the '0' length stuff. 947 */ 948 if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) 949 s->session->session_id_length=0; 950 951 sl=s->session->session_id_length; |
952 die(sl <= sizeof s->session->session_id); | 952 if (sl > sizeof s->session->session_id) 953 { 954 SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_INTERNAL_ERROR); 955 return -1; 956 } |
953 *(p++)=sl; 954 memcpy(p,s->session->session_id,sl); 955 p+=sl; 956 957 /* put the cipher */ 958 i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p); 959 p+=i; 960 --- 904 unchanged lines hidden --- | 957 *(p++)=sl; 958 memcpy(p,s->session->session_id,sl); 959 p+=sl; 960 961 /* put the cipher */ 962 i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p); 963 p+=i; 964 --- 904 unchanged lines hidden --- |