deps: upgrade openssl sources to 1.0.2m

This replaces all sources of openssl-1.0.2m.tar.gz into deps/openssl/openssl PR-URL: https://github.com/nodejs/node/pull/16691 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com>
author: Shigeki Ohtsu <ohtsu@ohtsu.org> 2017-11-03 00:22:35 +0900
committer: Myles Borins <mylesborins@google.com> 2017-11-03 12:22:29 -0500
commit: e7fff9c4435f9f5ef8069217d2a0093c81a8c78b (patch)
tree: 45fbbf4aae64902b831501231d16b7a0af2aeb53 /deps/openssl/openssl/ssl/s23_clnt.c
parent: 3d4d5e0c60f00693947c940b09249f3952bb0cdc (diff)
download: android-node-v8-e7fff9c4435f9f5ef8069217d2a0093c81a8c78b.tar.gz
android-node-v8-e7fff9c4435f9f5ef8069217d2a0093c81a8c78b.tar.bz2
android-node-v8-e7fff9c4435f9f5ef8069217d2a0093c81a8c78b.zip
1 files changed, 28 insertions, 0 deletions
diff --git a/deps/openssl/openssl/ssl/s23_clnt.c b/deps/openssl/openssl/ssl/s23_clnt.c
index b80d1fd8ce..92f41dd549 100644
--- a/deps/openssl/openssl/ssl/s23_clnt.c
+++ b/deps/openssl/openssl/ssl/s23_clnt.c
@@ -735,7 +735,35 @@ static int ssl23_get_server_hello(SSL *s)
             s->version = TLS1_2_VERSION;
             s->method = TLSv1_2_client_method();
         } else {
+            /*
+             * Unrecognised version, we'll send a protocol version alert using
+             * our preferred version.
+             */
+            switch(s->client_version) {
+            default:
+                /*
+                 * Shouldn't happen
+                 * Fall through
+                 */
+            case TLS1_2_VERSION:
+                s->version = TLS1_2_VERSION;
+                s->method = TLSv1_2_client_method();
+                break;
+            case TLS1_1_VERSION:
+                s->version = TLS1_1_VERSION;
+                s->method = TLSv1_1_client_method();
+                break;
+            case TLS1_VERSION:
+                s->version = TLS1_VERSION;
+                s->method = TLSv1_client_method();
+                break;
+            case SSL3_VERSION:
+                s->version = SSL3_VERSION;
+                s->method = SSLv3_client_method();
+                break;
+            }
             SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION);
             goto err;
         }
author	Shigeki Ohtsu <ohtsu@ohtsu.org>	2017-11-03 00:22:35 +0900
committer	Myles Borins <mylesborins@google.com>	2017-11-03 12:22:29 -0500
commit	e7fff9c4435f9f5ef8069217d2a0093c81a8c78b (patch)
tree	45fbbf4aae64902b831501231d16b7a0af2aeb53 /deps/openssl/openssl/ssl/s23_clnt.c
parent	3d4d5e0c60f00693947c940b09249f3952bb0cdc (diff)
download	android-node-v8-e7fff9c4435f9f5ef8069217d2a0093c81a8c78b.tar.gz android-node-v8-e7fff9c4435f9f5ef8069217d2a0093c81a8c78b.tar.bz2 android-node-v8-e7fff9c4435f9f5ef8069217d2a0093c81a8c78b.zip