SSL Updates – NET+OS 7.0
Last Updated: 04/23/07 Fix Count: 2
Title
Timestamp removed from loopback connections
Case: internal
Date fixed: 04/23/07
Description
Code review determined this
was unnecessary.
Solution
Timestamp removed from loopback connections to reduce overhead.
Title
Unit
Freezes due to
memory leak in certificate handling for SSL
Case: 1216806
Date fixed:
09/22/06
Description
When used as a server, and
requesting a client certificate, and when the client does return a certificate,
the server always fails to verify the client certificate
(even
valid ones). This results in an SSL handshake failure.
When used as a client, this
causes the client's certificate verification process to always fail to validate
the server's certificate (even with valid server certificates), resulting
always in an SSL handshake failure.
Solution
Corrected naSslSetCertVerify() modes
for SSL_CERTIFICATE_VERIFY_PEER and
SSL_CERTIFICATE_VERIFY_FAIL_IF_NO_PEER.
Files: netos\lib\arm7\32b\ghs\libssl.a
netos\lib\arm9\32b\gnu\libssl.a
netos\lib\arm7\32b\ghs\libssl.a
netos\lib\arm9\32b\gnu\libssl.a
Special Instructions
- Unzip the
patch(es) to the root
of your NET+OS installation, for example C:\netos70\.
- Be
sure to install any patches listed under Dependencies below
- Rebuild
your application.
Patch Link: SSLUpdates_70
Dependencies
This patch also requires the
installation of the following patch(es):
None