some small tidy up work

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@44 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2025-04-21 10:26:06 +03:00 · 2006-11-30 05:25:19 +00:00 · 2006-11-30 05:25:19 +00:00 · ada6d5e41b
commit ada6d5e41b
parent 3064f8d199
6 changed files with 17 additions and 3 deletions
--- a/9
+++ b/9
@ -111,6 +111,15 @@ ActiveState's version works ok).
 # Known Issues
 ########################################################################

+* Firefox doesn't handle legacy SSLv2 at all well. Disabling SSLv2 still 
+  initiates a SSLv23 handshake (v1.5). And continuous pressing of the 
+  "Reload" page instigates a change to SSLv3 for some reason (even though the 
+  TLS 1.0 option is selected). This will cause a "Firefox and <server> cannot 
+  communicate securely because they have no common encryption 
+  algorithms" (v1.5), or "Firefox can't connect to <server> because the site 
+  uses a security protocol which isn't enabled" (v2.0). See bugzilla issues 
+  343543 and 359484 (Comment #7).  It's all broken (hopefully fixed soon).
+
 * Perl/Java bindings don't work on 64 bit Linux machines. I can't even compile
  the latest version of Perl on an AMD64 box (using FC3).

--- a/bindings/csharp/axTLS.cs
+++ b/bindings/csharp/axTLS.cs
@ -340,6 +340,9 @@ namespace axTLS
         *
         * For a client this involves sending another "client hello" message.
         * For the server is means sending a "hello request" message.
+         *
+         * This is a blocking call on the client (until the handshake 
+         * completes).
         * @param ssl [in] An SSL object reference.
         * @return SSL_OK if renegotiation instantiation was ok
         */
--- a/bindings/java/SSLCTX.java
+++ b/bindings/java/SSLCTX.java
@ -168,6 +168,8 @@ public class SSLCTX
     *
     * For a client this involves sending another "client hello" message.
     * For the server is means sending a "hello request" message.
+     *
+     * This is a blocking call on the client (until the handshake completes).
     * @param ssl [in] An SSL object reference.
     * @return SSL_OK if renegotiation instantiation was ok
     */
--- a/docsrc/doco_footer.html
+++ b/docsrc/doco_footer.html
@ -1,3 +1,3 @@
 <p></p>
 <p align="center"><img src="../images/tsbasbw.gif" width="1000" height="7"></p>
-<CITE>Copyright <sup>©</sup> 2006</CITE>
+<CITE>Copyright <sup>©</sup> 2006 Cameron Rich</CITE>
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@ -300,7 +300,7 @@ EXP_FUNC uint8_t STDCALL ssl_get_cipher_id(SSL *ssl);
 EXP_FUNC int STDCALL ssl_handshake_status(SSL *ssl);

 /**
- * @brief Retrieve various parameters about the TLS engine.
+ * @brief Retrieve various parameters about the axTLS engine.
 * @param offset [in] The configuration offset. It will be one of the following:
 * - SSL_BUILD_MODE The build mode. This will be one of the following:
 *   - SSL_BUILD_SERVER_ONLY            (basic server mode)
--- a/ssl/tls1.c
+++ b/ssl/tls1.c
@ -1150,7 +1150,7 @@ int basic_read(SSL *ssl, uint8_t **in_data)

    if (IS_SET_SSL_FLAG(SSL_NEED_RECORD))
    {
-        /* check for sslv2 "client hello" TODO: this shouldn't be here. */
+        /* check for sslv2 "client hello" */
        if (buf[0] & 0x80 && buf[2] == 1 && buf[3] == 0x03)
        {
 #ifdef CONFIG_SSL_ENABLE_V23_HANDSHAKE