CHANGES +22 −0 @@ -763,6 +763,28 @@ Changes between 0.9.7e and 0.9.7f [XX xxx XXXX] *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating server and client random values. Previously (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in less random data when sizeof(time_t) > 4 (some 64 bit platforms). This change has negligible security impact because: 1. Server and client random values still have 24 bytes of pseudo random data. 2. Server and client random values are sent in the clear in the initial handshake. 3. The master secret is derived using the premaster secret (48 bytes in size for static RSA ciphersuites) as well as client server and random values. The OpenSSL team would like to thank the UK NISCC for bringing this issue to our attention. [Stephen Henson, reported by UK NISCC] *) Use Windows randomness collection on Cygwin. [Ulf Möller]
ssl/s3_clnt.c +1 −1 @@ -562,7 +562,7 @@ static int ssl3_client_hello(SSL *s) p=s->s3->client_random; Time=time(NULL); /* Time */ l2n(Time,p); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4); /* Do the message type and length last */ d=p= &(buf[4]);
ssl/s3_srvr.c +1 −1 @@ -996,7 +996,7 @@ static int ssl3_send_server_hello(SSL *s) p=s->s3->server_random; Time=time(NULL); /* Time */ l2n(Time,p); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4); /* Do the message type and length last */ d=p= &(buf[4]);
CHANGES +22 −0 @@ -763,6 +763,28 @@ Changes between 0.9.7e and 0.9.7f [XX xxx XXXX] *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating server and client random values. Previously (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in less random data when sizeof(time_t) > 4 (some 64 bit platforms). This change has negligible security impact because: 1. Server and client random values still have 24 bytes of pseudo random data. 2. Server and client random values are sent in the clear in the initial handshake. 3. The master secret is derived using the premaster secret (48 bytes in size for static RSA ciphersuites) as well as client server and random values. The OpenSSL team would like to thank the UK NISCC for bringing this issue to our attention. [Stephen Henson, reported by UK NISCC] *) Use Windows randomness collection on Cygwin. [Ulf Möller]
ssl/s3_clnt.c +1 −1 @@ -562,7 +562,7 @@ static int ssl3_client_hello(SSL *s) p=s->s3->client_random; Time=time(NULL); /* Time */ l2n(Time,p); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4); /* Do the message type and length last */ d=p= &(buf[4]);
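Review bot: The result of `RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);` is discarded, so if the generator fails the hello is still built from whatever `s->s3->client_random` already held after the four time bytes. The same unchecked call is in `ssl3_send_server_hello` in ssl/s3_srvr.c. I would test the return, for example `if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)`, and leave through the function's existing error path; whether a return of 0 (bytes produced but not cryptographically strong) should be fatal here is a policy call for the author. The body of `ssl3_client_hello` starts and ends outside this hunk, so the exact error exit is not visible.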
ssl/s3_srvr.c +1 −1 @@ -996,7 +996,7 @@ static int ssl3_send_server_hello(SSL *s) p=s->s3->server_random; Time=time(NULL); /* Time */ l2n(Time,p); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4); /* Do the message type and length last */ d=p= &(buf[4]);
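Review bot: The bare `4` in `RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);` is correct only because `l2n(Time,p)` on the previous line is expected to write four bytes and advance `p` by the same amount, and nothing in the code says so. A later cleanup could easily put `sizeof(Time)` back and again leave the tail of `server_random` unfilled where that type is wider than four bytes. I would add a comment on the call such as `/* 4 = bytes l2n() wrote for the timestamp; do not use sizeof(Time) */`, and the same on the matching line in ssl/s3_clnt.c. `ssl3_send_server_hello` continues outside this hunk.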