diff options
author | delphij <delphij@FreeBSD.org> | 2015-02-25 05:56:16 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2015-02-25 05:56:16 +0000 |
commit | b69ba8fe10a0df78165b9e34091ed7cadb989de2 (patch) | |
tree | 0d1cd5f4c2b24bd9f8b8387ba6ad41aeb8b5d8e4 /crypto/openssl/ssl/ssl_lib.c | |
parent | 02d2873b419d69120c7ee1b98d152a5c0931f043 (diff) | |
download | FreeBSD-src-b69ba8fe10a0df78165b9e34091ed7cadb989de2.zip FreeBSD-src-b69ba8fe10a0df78165b9e34091ed7cadb989de2.tar.gz |
Fix integer overflow in IGMP protocol. [SA-15:04]
Fix vt(4) crash with improper ioctl parameters. [EN-15:01]
Updated base system OpenSSL to 1.0.1l. [EN-15:02]
Fix freebsd-update libraries update ordering issue. [EN-15:03]
Approved by: so
Diffstat (limited to 'crypto/openssl/ssl/ssl_lib.c')
-rw-r--r-- | crypto/openssl/ssl/ssl_lib.c | 24 |
1 files changed, 3 insertions, 21 deletions
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c index 4be1c5d..4a62b4a 100644 --- a/crypto/openssl/ssl/ssl_lib.c +++ b/crypto/openssl/ssl/ssl_lib.c @@ -383,13 +383,7 @@ SSL *SSL_new(SSL_CTX *ctx) return(s); err: if (s != NULL) - { - if (s->cert != NULL) - ssl_cert_free(s->cert); - if (s->ctx != NULL) - SSL_CTX_free(s->ctx); /* decrement reference count */ - OPENSSL_free(s); - } + SSL_free(s); SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE); return(NULL); } @@ -1080,19 +1074,6 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg) l=s->max_cert_list; s->max_cert_list=larg; return(l); - case SSL_CTRL_SET_MTU: -#ifndef OPENSSL_NO_DTLS1 - if (larg < (long)dtls1_min_mtu()) - return 0; -#endif - - if (SSL_version(s) == DTLS1_VERSION || - SSL_version(s) == DTLS1_BAD_VER) - { - s->d1->mtu = larg; - return larg; - } - return 0; case SSL_CTRL_SET_MAX_SEND_FRAGMENT: if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) return 0; @@ -1507,6 +1488,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK); goto err; } + p += n; continue; } @@ -2112,7 +2094,7 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) #ifdef CIPHER_DEBUG - printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", + fprintf(stderr,"rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", rsa_tmp,rsa_tmp_export,dh_tmp,have_ecdh_tmp, rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa); #endif |