Add comments explaining what NETSCAPE_HANG_BUG does.
(Or should we just drop this? It only matters for servers trying to use client auth.) Change-Id: I50b6999375dc8f9246bf617f17929ae304503c57 Reviewed-on: https://boringssl-review.googlesource.com/2602 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
parent
07046a0946
commit
bf42f82ad9
@ -465,6 +465,8 @@ int ssl3_accept(SSL *s)
|
|||||||
#ifndef NETSCAPE_HANG_BUG
|
#ifndef NETSCAPE_HANG_BUG
|
||||||
s->state=SSL3_ST_SW_SRVR_DONE_A;
|
s->state=SSL3_ST_SW_SRVR_DONE_A;
|
||||||
#else
|
#else
|
||||||
|
/* ServerHelloDone was already sent in the
|
||||||
|
* previous record. */
|
||||||
s->state=SSL3_ST_SW_FLUSH;
|
s->state=SSL3_ST_SW_FLUSH;
|
||||||
s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
|
s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
|
||||||
#endif
|
#endif
|
||||||
@ -1883,6 +1885,8 @@ int ssl3_send_certificate_request(SSL *s)
|
|||||||
#ifdef NETSCAPE_HANG_BUG
|
#ifdef NETSCAPE_HANG_BUG
|
||||||
if (!SSL_IS_DTLS(s))
|
if (!SSL_IS_DTLS(s))
|
||||||
{
|
{
|
||||||
|
/* Prepare a ServerHelloDone in the same record. This is
|
||||||
|
* to workaround a hang in Netscape. */
|
||||||
if (!BUF_MEM_grow_clean(buf, s->init_num + 4))
|
if (!BUF_MEM_grow_clean(buf, s->init_num + 4))
|
||||||
{
|
{
|
||||||
OPENSSL_PUT_ERROR(SSL, ssl3_send_certificate_request, ERR_R_BUF_LIB);
|
OPENSSL_PUT_ERROR(SSL, ssl3_send_certificate_request, ERR_R_BUF_LIB);
|
||||||
|
Loading…
Reference in New Issue
Block a user