generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Zero the premaster secret after deriving the master secret in DH

Browse Source 
ciphersuites.
This commit is contained in:
Dr. Stephen Henson 2001-01-25 13:15:01 +00:00
parent 67c3cf0675
commit a342cc5a70
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -3,6 +3,10 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000] Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) Zero the premaster secret after deriving the master secret in
DH ciphersuites.
[Steve Henson]
*) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
to data. This was previously part of the PKCS7 ASN1 code. This to data. This was previously part of the PKCS7 ASN1 code. This
was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures. was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.

1
ssl/s3_srvr.c
View File

@ -1425,6 +1425,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
s->session->master_key_length= s->session->master_key_length=
s->method->ssl3_enc->generate_master_secret(s, s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,p,i); s->session->master_key,p,i);
memset(p,0,i);
} }
else else
#endif #endif