projects
/
oweals
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2aa815c
)
Fix SSLv2-compatible ClientHello processing.
author
Emilia Kasper
<emilia@openssl.org>
Tue, 18 Aug 2015 17:01:51 +0000
(19:01 +0200)
committer
Emilia Kasper
<emilia@openssl.org>
Wed, 26 Aug 2015 11:23:24 +0000
(13:23 +0200)
If the client challenge is less than 32 bytes, it is padded with leading - not trailing - zero bytes.
Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/s3_srvr.c
patch
|
blob
|
history
diff --git
a/ssl/s3_srvr.c
b/ssl/s3_srvr.c
index 8bdb0829997a8ffcbf2f8054d07b16d098be3eb0..2d15c63b6b7f5bc9ba6a66d58615c3e520233af7 100644
(file)
--- a/
ssl/s3_srvr.c
+++ b/
ssl/s3_srvr.c
@@
-1057,7
+1057,9
@@
int ssl3_get_client_hello(SSL *s)
/* Load the client random */
i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl;
memset(s->s3->client_random, 0, SSL3_RANDOM_SIZE);
- if (!PACKET_peek_copy_bytes(&pkt, s->s3->client_random, i)
+ if (!PACKET_peek_copy_bytes(&pkt,
+ s->s3->client_random + SSL3_RANDOM_SIZE - i,
+ i)
|| !PACKET_forward(&pkt, cl)
|| PACKET_remaining(&pkt) != 0) {
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);