Merge zippy.(none):/home/cmiller/work/mysql/merge/tmp_merge

into zippy.(none):/home/cmiller/work/mysql/merge/mysql-5.1-new BitKeeper/etc/ignore: auto-union client/mysql.cc: Auto merged include/config-win.h: Auto merged include/my_global.h: Auto merged mysql-test/r/create.result: Auto merged mysql-test/t/create.test: Auto merged sql/table.cc: Null-merged, as this doesn't apply after 5.1.4 . -cm
author: unknown <cmiller@zippy.(none)> 2006-06-13 16:06:35 -0400
committer: unknown <cmiller@zippy.(none)> 2006-06-13 16:06:35 -0400
commit: 4b639b6c58c2dacb449118e29fc480aca9a6fe48 (patch)
tree: 8719a5a0706de5334b4142c3a7f4efeec5419444 /extra
parent: dd02c9d2e43487b51f84c06f3d3232557953f431 (diff)
parent: 6a46bf820d3cef208d4bd5986def30a967bd7710 (diff)
download: mariadb-git-4b639b6c58c2dacb449118e29fc480aca9a6fe48.tar.gz
4 files changed, 47 insertions, 9 deletions
diff --git a/extra/yassl/README b/extra/yassl/README
index 62209723f66..a5ff70aa6f6 100644
--- a/extra/yassl/README
+++ b/extra/yassl/README
@@ -1,4 +1,14 @@
-yaSSL Release notes, version 1.3.0 (04/26/06)
+yaSSL Release notes, version 1.3.5 (06/01/06)
+
+
+    This release of yaSSL contains bug fixes, portability enhancements,
+    better libcurl support, and improved non-blocking I/O.
+
+See normal  build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0.
+
+
+********************yaSSL Release notes, version 1.3.0 (04/26/06)
 
 
     This release of yaSSL contains minor bug fixes, portability enhancements,
@@ -17,8 +27,8 @@ See normal build instructions below under 1.0.6.
     make
     make openssl-links
 
-    (then go to your libcurl home and tell libcurl about yaSSL)
-    ./configure --with-ssl=/yaSSL-HomeDir
+    (then go to your libcurl home and tell libcurl about yaSSL build dir)
+    ./configure --with-ssl=/yaSSL-BuildDir LDFLAGS=-lm
     make
 
 
diff --git a/extra/yassl/include/openssl/engine.h b/extra/yassl/include/openssl/engine.h
new file mode 100644
index 00000000000..39952fcae84
--- /dev/null
+++ b/extra/yassl/include/openssl/engine.h
@@ -0,0 +1,5 @@
+/* engine.h for libcurl */
+
+#undef HAVE_OPENSSL_ENGINE_H
+
+
diff --git a/extra/yassl/include/openssl/pkcs12.h b/extra/yassl/include/openssl/pkcs12.h
new file mode 100644
index 00000000000..e452fc879c4
--- /dev/null
+++ b/extra/yassl/include/openssl/pkcs12.h
@@ -0,0 +1,5 @@
+/* pkcs12.h for libcurl */
+
+
+#undef HAVE_OPENSSL_PKCS12_H
+
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp
index 2b099af930c..12b62f26e14 100644
--- a/extra/yassl/src/handshake.cpp
+++ b/extra/yassl/src/handshake.cpp
@@ -458,6 +458,11 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl)
 
     uint16 sz = ((b0 & 0x7f) << 8) | b1;
 
+    if (sz > input.get_remaining()) {
+        ssl.SetError(bad_input);
+        return;
+    }
+
     // hashHandShake manually
     const opaque* buffer = input.get_buffer() + input.get_current();
     ssl.useHashes().use_MD5().update(buffer, sz);
@@ -681,25 +686,38 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
     // old style sslv2 client hello?
     if (ssl.getSecurity().get_parms().entity_ == server_end &&
                   ssl.getStates().getServer() == clientNull) 
-        if (buffer.peek() != handshake)
+        if (buffer.peek() != handshake) {
             ProcessOldClientHello(buffer, ssl);
+            if (ssl.GetError()) {
+                buffered.reset(0);
+                return buffered;
+            }
+        }
 
     while(!buffer.eof()) {
         // each record
         RecordLayerHeader hdr;
+        bool              needHdr = false;
+
+        if (static_cast<uint>(RECORD_HEADER) > buffer.get_remaining())
+            needHdr = true;
+        else {
         buffer >> hdr;
         ssl.verifyState(hdr);
+        }
 
         // make sure we have enough input in buffer to process this record
-        if (hdr.length_ > buffer.get_remaining()) { 
-            uint sz = buffer.get_remaining() + RECORD_HEADER;
+        if (needHdr || hdr.length_ > buffer.get_remaining()) {
+            // put header in front for next time processing
+            uint extra = needHdr ? 0 : RECORD_HEADER;
+            uint sz = buffer.get_remaining() + extra;
             buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() +
-                           buffer.get_current() - RECORD_HEADER, sz));
+                           buffer.get_current() - extra, sz));
             break;
         }
 
         while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
-            // each message in record
+            // each message in record, can be more than 1 if not encrypted
             if (ssl.getSecurity().get_parms().pending_ == false) // cipher on
                 decrypt_message(ssl, buffer, hdr.length_);
             mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_), ysDelete);
@@ -717,7 +735,7 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
         }
         offset += hdr.length_ + RECORD_HEADER;
     }
-    return buffered;  // done, don't call again
+    return buffered;
 }
author	unknown <cmiller@zippy.(none)>	2006-06-13 16:06:35 -0400
committer	unknown <cmiller@zippy.(none)>	2006-06-13 16:06:35 -0400
commit	4b639b6c58c2dacb449118e29fc480aca9a6fe48 (patch)
tree	8719a5a0706de5334b4142c3a7f4efeec5419444 /extra
parent	dd02c9d2e43487b51f84c06f3d3232557953f431 (diff)
parent	6a46bf820d3cef208d4bd5986def30a967bd7710 (diff)
download	mariadb-git-4b639b6c58c2dacb449118e29fc480aca9a6fe48.tar.gz