generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix SSLv2-compatible ClientHello processing.

Browse Source 
If the client challenge is less than 32 bytes, it is padded with leading - not trailing - zero bytes.

Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Emilia Kasper 2015-08-18 19:01:51 +02:00
parent 2aa815c343
commit 9cc3e8f1f2
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/s3_srvr.c
View File

@ -1057,7 +1057,9 @@ int ssl3_get_client_hello(SSL *s)
/* Load the client random */ /* Load the client random */
i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl; i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl;
memset(s->s3->client_random, 0, SSL3_RANDOM_SIZE); memset(s->s3->client_random, 0, SSL3_RANDOM_SIZE);
if (!PACKET_peek_copy_bytes(&pkt, s->s3->client_random, i) if (!PACKET_peek_copy_bytes(&pkt,
s->s3->client_random + SSL3_RANDOM_SIZE - i,
i)
|| !PACKET_forward(&pkt, cl) || !PACKET_forward(&pkt, cl)
|| PACKET_remaining(&pkt) != 0) { || PACKET_remaining(&pkt) != 0) {
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH); SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_RECORD_LENGTH_MISMATCH);