Changes between 0.9.7d and 0.9.7e [XX xxx XXXX]
+ *) Various fixes to s3_pkt.c so alerts are sent properly.
+ [David Holmes <d.holmes@f5.com>]
+
*) Reduce the chances of duplicate issuer name and serial numbers (in
violation of RFC3280) using the OpenSSL certificate creation utilities.
This is done by creating a random 64 bit value for the initial serial
{
al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
- goto err;
+ goto f_err;
}
/* If the other end has shut down, throw anything we read away
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST);
- goto err;
+ goto f_err;
}
if (s->msg_callback)
if ( (rr->length != 1) || (rr->off != 0) ||
(rr->data[0] != SSL3_MT_CCS))
{
- i=SSL_AD_ILLEGAL_PARAMETER;
+ al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
- goto err;
+ goto f_err;
}
/* Check we have a cipher to change to */
if (s->s3->tmp.new_cipher == NULL)
{
- i=SSL_AD_UNEXPECTED_MESSAGE;
+ al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
- goto err;
+ goto f_err;
}
rr->length=0;
projects / openssl / commitdiff