CHANGES · de1915e48c0be56fadf7c7f1987536e1522df275 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL · GitLab

Find file Blame History Permalink

Fix horrible (and hard to track down) bug in ssl23_get_client_hello: · de1915e4

Bodo Möller authored Aug 18, 1999

In case of a restart, v[0] and v[1] were incorrectly initialised.
This was interpreted by ssl3_get_client_key_exchange as an RSA decryption
failure (don't ask me why) and caused it to create a _random_ master key
instead (even weirder), which obviously led to incorrect input to
ssl3_generate_master_secret and thus caused "block cipher pad is
wrong" error messages from ssl3_enc for the client's Finished message.
Arrgh.

de1915e4

To find the state of this project's repository at the time of any of these versions, check out the tags.