diff options
| author | Sergei Golubchik <serg@mariadb.org> | 2017-10-17 10:18:17 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2017-10-17 10:18:17 +0200 |
| commit | df5f25fa7a2c9f43f0506b2ef98dc00033a5c557 (patch) | |
| tree | a817540a283821a9badd4e704ca79b7c57d1d1e0 /extra/yassl/src | |
| parent | b036b6b59464524d7dd54a4c9a75b5ee8a14dbe0 (diff) | |
| parent | 1da916c37e5107b27297fc9e22c3da7772bb097d (diff) | |
| download | mariadb-git-df5f25fa7a2c9f43f0506b2ef98dc00033a5c557.tar.gz | |
Merge branch 'mysql/5.5' into 5.5
Diffstat (limited to 'extra/yassl/src')
| -rw-r--r-- | extra/yassl/src/yassl_imp.cpp | 6 | ||||
| -rw-r--r-- | extra/yassl/src/yassl_int.cpp | 14 |
2 files changed, 14 insertions, 6 deletions
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp index 5158bd2d004..85bf0afe2db 100644 --- a/extra/yassl/src/yassl_imp.cpp +++ b/extra/yassl/src/yassl_imp.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2014, Oracle and/or its affiliates + Copyright (c) 2005, 2017, Oracle and/or its affiliates. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1578,6 +1578,10 @@ void ServerHello::Process(input_buffer& input, SSL& ssl) ssl.SetError(badVersion_error); return; } + if (cipher_suite_[0] != 0x00) { + ssl.SetError(unknown_cipher); + return; + } ssl.set_pending(cipher_suite_[1]); ssl.set_random(random_, server_end); if (id_len_) diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp index 215628c93cc..312c00442ca 100644 --- a/extra/yassl/src/yassl_int.cpp +++ b/extra/yassl/src/yassl_int.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2014, Oracle and/or its affiliates + Copyright (c) 2005, 2017, Oracle and/or its affiliates. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1399,12 +1399,17 @@ void SSL::matchSuite(const opaque* peer, uint length) // start with best, if a match we are good, Ciphers are at odd index // since all SSL and TLS ciphers have 0x00 first byte for (uint i = 1; i < secure_.get_parms().suites_size_; i += 2) - for (uint j = 1; j < length; j+= 2) - if (secure_.use_parms().suites_[i] == peer[j]) { + for (uint j = 0; (j + 1) < length; j+= 2) { + if (peer[j] != 0x00) { + continue; // only 0x00 first byte supported + } + + if (secure_.use_parms().suites_[i] == peer[j + 1]) { secure_.use_parms().suite_[0] = 0x00; - secure_.use_parms().suite_[1] = peer[j]; + secure_.use_parms().suite_[1] = peer[j + 1]; return; } + } SetError(match_error); } @@ -2706,4 +2711,3 @@ template mySTL::list<yaSSL::SSL_SESSION*>::iterator find_if<mySTL::list<yaSSL::S template mySTL::list<yaSSL::ThreadError>::iterator find_if<mySTL::list<yaSSL::ThreadError>::iterator, yaSSL::yassl_int_cpp_local2::thr_match>(mySTL::list<yaSSL::ThreadError>::iterator, mySTL::list<yaSSL::ThreadError>::iterator, yaSSL::yassl_int_cpp_local2::thr_match); } #endif - |