On Fri, Sep 08, 2000 at 05:44:35PM +0800, Fung wrote:

> I have found that there is a serious bug located in the static
> function ssl3_get_record in s3_pkt.c. The fault is that the function
> NEVER gets the version number of SSL and MUST return "wrong version
> number" error. That means if I create SSL_CTX with SSLv3_method,
> then I get "wrong version number" error for all connections. (Very
> nonsensical) Please let me know how to fix it. Thanks

I don't quite understand what the problem is that you say you have
observed -- 'openssl s_server -ssl3' and 'openssl s_client -ssl3'
certainly work, and they do use SSLv3_method.

SSLv3_data (ssl/s3_lib.c) starts with a 'version' component of SSL3_VERSION,
and this is copied into the SSL by SSL_clear (ssl/ssl_lib.c), which is
automatically invoked by SSL_new.  So s3_pkt.c *does* have access to
the correct version number.


-- 
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
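
The following is an added example, not code from the original messages or from OpenSSL. It is a simplified model of a record-header version check, useful for seeing what kind of peer input produces a version mismatch. The names `conn`, `conn_new`, `check_header` and the `REC_*` codes are hypothetical, and the sample byte strings are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SSL3_VERSION        0x0300   /* wire value for SSL 3.0 */
#define SSL3_VERSION_MAJOR  0x03
#define MAX_RECORD_LEN      (16384 + 2048)  /* SSL 3.0 ciphertext limit */

enum rec_status { REC_OK, REC_SHORT, REC_NOT_SSL3_FAMILY,
                  REC_WRONG_VERSION, REC_BAD_TYPE, REC_TOO_LONG };

/* Hypothetical stand-in for the connection object: the version is
 * copied from the method once, when the connection is created. */
struct conn { uint16_t version; };
struct conn conn_new(uint16_t method_version) {
    struct conn c = { method_version };
    return c;
}

/* Validate the 5-byte header: type(1) | version(2) | length(2). */
enum rec_status check_header(const struct conn *c, const uint8_t *p, size_t n) {
    if (n < 5) return REC_SHORT;
    uint16_t version = (uint16_t)((p[1] << 8) | p[2]);
    uint16_t length  = (uint16_t)((p[3] << 8) | p[4]);
    if ((version >> 8) != SSL3_VERSION_MAJOR) return REC_NOT_SSL3_FAMILY;
    if (version != c->version)                return REC_WRONG_VERSION;
    if (p[0] < 20 || p[0] > 23)               return REC_BAD_TYPE;
    if (length > MAX_RECORD_LEN)              return REC_TOO_LONG;
    return REC_OK;
}

/* Constructed sample inputs (not captured traffic). */
const uint8_t SAMPLE_SSL3[]  = { 0x16, 0x03, 0x00, 0x00, 0x2a }; /* SSL 3.0 handshake */
const uint8_t SAMPLE_TLS10[] = { 0x16, 0x03, 0x01, 0x00, 0x2a }; /* TLS 1.0 handshake */
const uint8_t SAMPLE_HTTP[]  = { 'G', 'E', 'T', ' ', '/' };      /* plaintext peer */
const uint8_t SAMPLE_V2[]    = { 0x80, 0x2e, 0x01, 0x03, 0x00 }; /* SSLv2-format hello */

int main(void) {
    struct conn c = conn_new(SSL3_VERSION);
    printf("ssl3=%d tls1.0=%d http=%d v2hello=%d\n",
           check_header(&c, SAMPLE_SSL3, 5), check_header(&c, SAMPLE_TLS10, 5),
           check_header(&c, SAMPLE_HTTP, 5), check_header(&c, SAMPLE_V2, 5));
    return 0;
}
```

With the connection's version set correctly at creation, a mismatch here points at what the peer sent rather than at a missing version on the local side.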