Include some fixes from 0.9.8-stable branch.

author: Dr. Stephen Henson <steve@openssl.org> 2007-09-19 00:02:49 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2007-09-19 00:02:49 +0000
commit: f36a8c2060e3a81747fb963f01987f70754f52a2 (patch)
tree: 1bdd2456837d9dd9b6eba04523e6a76e43eff13d
parent: 90ac9ec2643b655fce3b8d9581baafb5d648fc18 (diff)
download: openssl-new-f36a8c2060e3a81747fb963f01987f70754f52a2.tar.gz
18 files changed, 149 insertions, 47 deletions
diff --git a/Configure b/Configure
index 07d5ea8e4c..1997020984 100755
--- a/Configure
+++ b/Configure
@@ -1227,9 +1227,13 @@ $cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
 #
 if ($target =~ /\-icc$/)	# Intel C compiler
 	{
-	my($iccver)=`$cc -V 2>&1`;
-	if ($iccver =~ /Version ([0-9]+)\./)	{ $iccver=$1; }
-	else					{ $iccver=0;  }
+	my $iccver=0;
+	if (open(FD,"$cc -V 2>&1 |"))
+		{
+		while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
+		close(FD);
+		}
+
 	if ($iccver>=8)
 		{
 		# Eliminate unnecessary dependency from libirc.a. This is
@@ -1237,6 +1241,15 @@ if ($target =~ /\-icc$/)	# Intel C compiler
 		# apps/openssl can end up in endless loop upon startup...
 		$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
 		}
+	if ($iccver>=9)
+		{
+		$cflags.=" -i-static";
+		$cflags=~s/\-no_cpprt/-no-cpprt/;
+		}
+	if ($iccver>=10)
+		{
+		$cflags=~s/\-i\-static/-static-intel/;
+		}
 	}
 
 # Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
diff --git a/Makefile.shared b/Makefile.shared
index 004e25dfe3..3b877b851b 100644
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -466,7 +466,7 @@ link_o.hpux:
 	ALLSYMSFLAGS='-Wl,-Fl'; \
 	NOALLSYMSFLAGS=''; \
 	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
 	fi; \
 	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
 	$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
@@ -479,7 +479,7 @@ link_a.hpux:
 	ALLSYMSFLAGS='-Wl,-Fl'; \
 	NOALLSYMSFLAGS=''; \
 	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
 	fi; \
 	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
 	$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
diff --git a/TABLE b/TABLE
index f624369501..eee885a014 100644
--- a/TABLE
+++ b/TABLE
@@ -947,7 +947,7 @@ $arflags      =
 
 *** darwin-i386-cc
 $cc           = cc
-$cflags       = -O3 -fomit-frame-pointer -fno-common
+$cflags       = -arch i386 -O3 -fomit-frame-pointer -fno-common
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = MACOSX
@@ -967,14 +967,14 @@ $rc5_obj      =
 $dso_scheme   = dlfcn
 $shared_target= darwin-shared
 $shared_cflag = -fPIC -fno-common
-$shared_ldflag = -dynamiclib
+$shared_ldflag = -arch i386 -dynamiclib
 $shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
 $ranlib       = 
 $arflags      = 
 
 *** darwin-ppc-cc
 $cc           = cc
-$cflags       = -O3 -DB_ENDIAN
+$cflags       = -arch ppc -O3 -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = MACOSX
@@ -994,7 +994,61 @@ $rc5_obj      =
 $dso_scheme   = dlfcn
 $shared_target= darwin-shared
 $shared_cflag = -fPIC -fno-common
-$shared_ldflag = -dynamiclib
+$shared_ldflag = -arch ppc -dynamiclib
+$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$ranlib       = 
+$arflags      = 
+
+*** darwin64-ppc-cc
+$cc           = cc
+$cflags       = -arch ppc64 -O3 -DB_ENDIAN
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = MACOSX
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$cpuid_obj    = ppccpuid_osx64.o
+$bn_obj       = osx_ppc64.o osx_ppc64-mont.o
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = sha1-ppc_osx64.o sha256-ppc_osx64.o sha512-ppc_osx64.o
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = dlfcn
+$shared_ldflag = darwin-shared
+$shared_extension = -fPIC -fno-common
+$ranlib       = -arch ppc64 -dynamiclib
+$arflags      = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+
+*** darwin64-x86_64-cc
+$cc           = cc
+$cflags       = -arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = MACOSX
+$lflags       = -Wl,-search_paths_first%
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
+$cpuid_obj    = 
+$bn_obj       = 
+$des_obj      = 
+$aes_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = dlfcn
+$shared_target= darwin-shared
+$shared_cflag = -fPIC -fno-common
+$shared_ldflag = -arch x86_64 -dynamiclib
 $shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
 $ranlib       = 
 $arflags      = 
diff --git a/apps/dgst.c b/apps/dgst.c
index 72ff877afb..9941c1365a 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -256,29 +256,33 @@ ERR_load_crypto_strings();
 		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
 #endif
 
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm (default)\n",
 			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_md4,LN_md4);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_md2,LN_md2);
 #ifndef OPENSSL_NO_SHA
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha,LN_sha);
 #ifndef OPENSSL_NO_SHA256
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			LN_sha224,LN_sha224);
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha256,LN_sha256);
 #endif
 #ifndef OPENSSL_NO_SHA512
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			LN_sha384,LN_sha384);
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha512,LN_sha512);
 #endif
 #endif
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_ripemd160,LN_ripemd160);
 		err=1;
 		goto end;
diff --git a/crypto/aes/aes_ige.c b/crypto/aes/aes_ige.c
index 8b5b36bacc..45d7096181 100644
--- a/crypto/aes/aes_ige.c
+++ b/crypto/aes/aes_ige.c
@@ -62,9 +62,11 @@ typedef struct {
 /* XXX: probably some better way to do this */
 #if defined(__i386__) || defined(__x86_64__)
 #define UNALIGNED_MEMOPS_ARE_FAST 1
+#else
+#define UNALIGNED_MEMOPS_ARE_FAST 0
 #endif
 
-#ifdef UNALIGNED_MEMOPS_ARE_FAST
+#if UNALIGNED_MEMOPS_ARE_FAST
 #define load_block(d, s)        (d) = *(const aes_block_t *)(s)
 #define store_block(d, s)       *(aes_block_t *)(d) = (s)
 #else
@@ -89,7 +91,8 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
 
 	if (AES_ENCRYPT == enc)
 		{
-		if (in != out)
+		if (in != out &&
+		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
 			{
 			aes_block_t *ivp = (aes_block_t *)ivec;
 			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
@@ -143,7 +146,8 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
 		}
 	else
 		{
-		if(in != out)
+		if (in != out &&
+		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
 			{
 			aes_block_t *ivp = (aes_block_t *)ivec;
 			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 4857cfe0ce..3a87b0ec0b 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -79,7 +79,7 @@
 #include <openssl/bn.h>         /* To get BN_LLONG properly defined */
 #include <openssl/bio.h>
 
-#ifdef BN_LLONG
+#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
 # ifndef HAVE_LONG_LONG
 #  define HAVE_LONG_LONG 1
 # endif
@@ -117,7 +117,7 @@
 
 #if HAVE_LONG_LONG
 # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-# define LLONG _int64
+# define LLONG __int64
 # else
 # define LLONG long long
 # endif
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index 4b3860b991..cd78de1e87 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -456,9 +456,6 @@ int BIO_sock_init(void)
 		{
 		int err;
 	  
-#ifdef SIGINT
-		signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-#endif
 		wsa_init_done=1;
 		memset(&wsa_state,0,sizeof(wsa_state));
 		if (WSAStartup(0x0101,&wsa_state)!=0)
@@ -484,11 +481,6 @@ int BIO_sock_init(void)
 
     if (!wsa_init_done)
     {
-   
-# ifdef SIGINT
-        signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
-# endif
-
         wsa_init_done=1;
         wVerReq = MAKEWORD( 2, 0 );
         err = WSAStartup(wVerReq,&wsaData);
@@ -511,7 +503,7 @@ void BIO_sock_cleanup(void)
 		{
 		wsa_init_done=0;
 #ifndef OPENSSL_SYS_WINCE
-		WSACancelBlockingCall();
+		WSACancelBlockingCall();	/* Winsock 1.1 specific */
 #endif
 		WSACleanup();
 		}
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
index 2c9e8a7c80..0362bb90ca 100644
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -129,8 +129,8 @@ extern "C" {
 /* dgram BIO stuff */
 #define BIO_CTRL_DGRAM_CONNECT       31  /* BIO dgram special */
 #define BIO_CTRL_DGRAM_SET_CONNECTED 32  /* allow for an externally
-										  * connected socket to be
-										  * passed in */ 
+					  * connected socket to be
+					  * passed in */ 
 #define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
 #define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
 #define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
@@ -146,14 +146,14 @@ extern "C" {
 #define BIO_CTRL_DGRAM_QUERY_MTU          40 /* as kernel for current MTU */
 #define BIO_CTRL_DGRAM_GET_MTU            41 /* get cached value for MTU */
 #define BIO_CTRL_DGRAM_SET_MTU            42 /* set cached value for
-											  * MTU. want to use this
-                                              * if asking the kernel
-                                              * fails */
+					      * MTU. want to use this
+					      * if asking the kernel
+					      * fails */
 
 #define BIO_CTRL_DGRAM_MTU_EXCEEDED       43 /* check whether the MTU
-											  * was exceed in the
-											  * previous write
-											  * operation */
+					      * was exceed in the
+					      * previous write
+					      * operation */
 
 #define BIO_CTRL_DGRAM_SET_PEER           44 /* Destination for the data */
 
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index a8ec134145..46b6eddf45 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -299,6 +299,8 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 		}
 	for (ri+=4; i<ri; i++)
 		rp[i]=nrp[i], ap[i]=0;
+	bn_correct_top(r);
+	bn_correct_top(ret);
 # else
 	if (bn_wexpand(ret,al) == NULL) goto err;
 	ret->top=al;
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 5bab019553..7b25979dd1 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -377,14 +377,14 @@ static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
 static int probable_prime(BIGNUM *rnd, int bits)
 	{
 	int i;
-	BN_ULONG mods[NUMPRIMES];
+	prime_t mods[NUMPRIMES];
 	BN_ULONG delta,maxdelta;
 
 again:
 	if (!BN_rand(rnd,bits,1,1)) return(0);
 	/* we now have a random number 'rand' to test. */
 	for (i=1; i<NUMPRIMES; i++)
-		mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
+		mods[i]=(prime_t)BN_mod_word(rnd,(BN_ULONG)primes[i]);
 	maxdelta=BN_MASK2 - primes[NUMPRIMES-1];
 	delta=0;
 	loop: for (i=1; i<NUMPRIMES; i++)
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
index b7cf9a9bfe..51d2194feb 100644
--- a/crypto/bn/bn_prime.h
+++ b/crypto/bn/bn_prime.h
@@ -58,10 +58,12 @@
 
 #ifndef EIGHT_BIT
 #define NUMPRIMES 2048
+typedef unsigned short prime_t;
 #else
 #define NUMPRIMES 54
+typedef unsigned char prime_t;
 #endif
-static const unsigned int primes[NUMPRIMES]=
+static const prime_t primes[NUMPRIMES]=
 	{
 	   2,   3,   5,   7,  11,  13,  17,  19,
 	  23,  29,  31,  37,  41,  43,  47,  53,
diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl
index e583d1d53b..3fafb6f3e9 100644
--- a/crypto/bn/bn_prime.pl
+++ b/crypto/bn/bn_prime.pl
@@ -101,10 +101,12 @@ for ($i=0; $i <= $#primes; $i++)
 
 printf "#ifndef EIGHT_BIT\n";
 printf "#define NUMPRIMES %d\n",$num;
+printf "typedef unsigned short prime_t;\n";
 printf "#else\n";
 printf "#define NUMPRIMES %d\n",$eight;
+printf "typedef unsigned char prime_t;\n";
 printf "#endif\n";
-print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t";
+print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t";
 $init=0;
 for ($i=0; $i <= $#primes; $i++)
 	{
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 7b9dda657c..65c3b36524 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -116,7 +116,7 @@ int DES_check_key_parity(const_DES_cblock *key)
  * (and actual cblock values).
  */
 #define NUM_WEAK_KEY	16
-static DES_cblock weak_keys[NUM_WEAK_KEY]={
+static const DES_cblock weak_keys[NUM_WEAK_KEY]={
 	/* weak keys */
 	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
 	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
diff --git a/crypto/pqueue/pq_compat.h b/crypto/pqueue/pq_compat.h
index 28c58a0261..fd36578882 100644
--- a/crypto/pqueue/pq_compat.h
+++ b/crypto/pqueue/pq_compat.h
@@ -57,7 +57,7 @@
  *
  */
 
-#include "opensslconf.h"
+#include <openssl/opensslconf.h>
 #include <openssl/bn.h>
 
 /* 
diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod
index c43da5b3f1..4391c93360 100644
--- a/doc/apps/enc.pod
+++ b/doc/apps/enc.pod
@@ -227,6 +227,14 @@ Blowfish and RC5 algorithms use a 128 bit key.
  rc5-ecb            RC5 cipher in ECB mode
  rc5-ofb            RC5 cipher in OFB mode
 
+ aes-[128|192|256]-cbc	128/192/256 bit AES in CBC mode
+ aes-[128|192|256]	Alias for aes-[128|192|256]-cbc
+ aes-[128|192|256]-cfb	128/192/256 bit AES in 128 bit CFB mode
+ aes-[128|192|256]-cfb1	128/192/256 bit AES in 1 bit CFB mode
+ aes-[128|192|256]-cfb8	128/192/256 bit AES in 8 bit CFB mode
+ aes-[128|192|256]-ecb	128/192/256 bit AES in ECB mode
+ aes-[128|192|256]-ofb	128/192/256 bit AES in OFB mode
+
 =head1 EXAMPLES
 
 Just base64 encode a binary file:
diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod
index dc0f49ddca..964cdf0f02 100644
--- a/doc/apps/openssl.pod
+++ b/doc/apps/openssl.pod
@@ -227,6 +227,22 @@ SHA Digest
 
 SHA-1 Digest
 
+=item B<sha224>
+
+SHA-224 Digest
+
+=item B<sha256>
+
+SHA-256 Digest
+
+=item B<sha384>
+
+SHA-384 Digest
+
+=item B<sha512>
+
+SHA-512 Digest
+
 =back
 
 =head2 ENCODING AND CIPHER COMMANDS
diff --git a/doc/apps/rsautl.pod b/doc/apps/rsautl.pod
index a7c1681d98..1a498c2f62 100644
--- a/doc/apps/rsautl.pod
+++ b/doc/apps/rsautl.pod
@@ -152,7 +152,7 @@ The final BIT STRING contains the actual signature. It can be extracted with:
 
 The certificate public key can be extracted with:
  
- openssl x509 -in test/testx509.pem -pubout -noout >pubkey.pem
+ openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
 
 The signature can be analysed with:
 
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 475e6095fd..ff27b4b467 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -1009,6 +1009,7 @@ int dtls1_send_certificate_request(SSL *s)
 	STACK_OF(X509_NAME) *sk=NULL;
 	X509_NAME *name;
 	BUF_MEM *buf;
+	unsigned int msg_len;
 
 	if (s->state == SSL3_ST_SW_CERT_REQ_A)
 		{
@@ -1086,6 +1087,10 @@ int dtls1_send_certificate_request(SSL *s)
 #endif
 
 		/* XDTLS:  set message header ? */
+		msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+		dtls1_set_message_header(s, s->init_buf->data,
+			SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0, msg_len);
+
 		/* buffer the message to handle re-xmits */
 		dtls1_buffer_message(s, 0);
author	Dr. Stephen Henson <steve@openssl.org>	2007-09-19 00:02:49 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2007-09-19 00:02:49 +0000
commit	f36a8c2060e3a81747fb963f01987f70754f52a2 (patch)
tree	1bdd2456837d9dd9b6eba04523e6a76e43eff13d
parent	90ac9ec2643b655fce3b8d9581baafb5d648fc18 (diff)
download	openssl-new-f36a8c2060e3a81747fb963f01987f70754f52a2.tar.gz