ssl/record: remove remnants of SSLv2-specific code
authorFrederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Fri, 19 Jun 2026 10:49:10 +0000 (12:49 +0200)
committerEugene Syromiatnikov <esyr@openssl.org>
Tue, 23 Jun 2026 07:08:35 +0000 (09:08 +0200)
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Tue Jun 23 07:09:07 2026
(Merged from https://github.com/openssl/openssl/pull/31627)

ssl/record/methods/tls_common.c
ssl/record/rec_layer_s3.c

index e149d09898523d2c4b22adf935ef4fcfe08cf270..190e61bb1cc28d35c4333adef62d8d70251c1a4f 100644 (file)
@@ -526,8 +526,6 @@ static int rlayer_early_data_count_ok(OSSL_RECORD_LAYER *rl, size_t length,
  */
 #define MAX_EMPTY_RECORDS 32
 
-#define SSL2_RT_HEADER_LENGTH 2
-
 /*-
  * Call this to buffer new input records in rl->rrec.
  * It will return a OSSL_RECORD_RETURN_* value.
@@ -626,12 +624,7 @@ int tls_get_more_records(OSSL_RECORD_LAYER *rl)
          * rl->rstate == SSL_ST_READ_BODY, get and decode the data. Calculate
          * how much more data we need to read for the rest of the record
          */
-        if (thisrr->rec_version == SSL2_VERSION) {
-            more = thisrr->length + SSL2_RT_HEADER_LENGTH
-                - SSL3_RT_HEADER_LENGTH;
-        } else {
-            more = thisrr->length;
-        }
+        more = thisrr->length;
 
         if (more > 0) {
             /* now rl->packet_length == SSL3_RT_HEADER_LENGTH */
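Review bot: With the SSL2_VERSION branch removed, `more = thisrr->length;` here and `thisrr->input = &(rl->packet[SSL3_RT_HEADER_LENGTH]);` in the following hunk both assume a 5-byte header, but nothing visible in either hunk establishes that `thisrr->rec_version` can no longer be SSL2_VERSION at this point. Presumably the header-parsing code earlier in tls_get_more_records() already rejects SSLv2-format records; please confirm that and state it next to the assignment, e.g. `/* SSLv2-format headers are rejected during header parsing, so the header is always SSL3_RT_HEADER_LENGTH bytes */`. If any path could still tag a record as SSLv2, the remaining-length calculation and the input pointer would each be off by three bytes. The function body starts and ends outside both hunks.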
@@ -646,13 +639,9 @@ int tls_get_more_records(OSSL_RECORD_LAYER *rl)
 
         /*
          * At this point, rl->packet_length == SSL3_RT_HEADER_LENGTH
-         * + thisrr->length, or rl->packet_length == SSL2_RT_HEADER_LENGTH
          * + thisrr->length and we have that many bytes in rl->packet
          */
-        if (thisrr->rec_version == SSL2_VERSION)
-            thisrr->input = &(rl->packet[SSL2_RT_HEADER_LENGTH]);
-        else
-            thisrr->input = &(rl->packet[SSL3_RT_HEADER_LENGTH]);
+        thisrr->input = &(rl->packet[SSL3_RT_HEADER_LENGTH]);
 
         /*
          * ok, we can now read from 'rl->packet' data into 'thisrr'.
index e68d8f8fa147d014a738e6f6a82adce955fc771e..548104e73bd0ce0fff4cb9b8bfc62a1d4882f099 100644 (file)
@@ -835,15 +835,9 @@ start:
      */
 
     /*
-     * Lets just double check that we've not got an SSLv2 record
+     * Lets just double check that we've got a supported record version
      */
-    if (rr->version == SSL2_VERSION) {
-        /*
-         * Should never happen. ssl3_get_record() should only give us an SSLv2
-         * record back if this is the first packet and we are looking for an
-         * initial ClientHello. Therefore |type| should always be equal to
-         * |rr->type|. If not then something has gone horribly wrong
-         */
+    if (rr->version < TLS1_VERSION || rr->version > TLS1_3_VERSION) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         return -1;
     }
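Review bot: The new range check `rr->version < TLS1_VERSION || rr->version > TLS1_3_VERSION` fails with SSL_AD_INTERNAL_ERROR / ERR_R_INTERNAL_ERROR, but the removed comment explaining why this case "should never happen" has no replacement, so the reader cannot tell which layer guarantees the range. `rr->version` appears to originate from the record header, so if the record layer can pass up a record outside this range (for instance a 0x0300 legacy record version on an initial ClientHello, to be confirmed against the record-layer validation), a peer-controlled value would surface as an internal error rather than a protocol-version failure. Either document the invariant, e.g. `/* The record layer has already validated the version; anything else is a bug */`, or, if the condition is reachable from the wire, report it as `SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_R_WRONG_VERSION_NUMBER);`. The enclosing function starts and ends outside the hunk.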