authorAndy Polyakov <appro@openssl.org>2007-09-30 22:03:07 +0000
committerAndy Polyakov <appro@openssl.org>2007-09-30 22:03:07 +0000
commit57191f86d9139fc46f81d217ce24bee460a721f2 (patch)
tree27502805c00bb6a07a62aced9a14c53b8b79ac23
parent0a89c575de613ff6fa3506b6ec025e786f9d0097 (diff)
Explicit IV update [from HEAD].
-rw-r--r--ssl/d1_pkt.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 333a26c0c2..6a68dd110e 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -120,6 +120,7 @@
#include <openssl/evp.h>
#include <openssl/buffer.h>
#include <openssl/pqueue.h>
+#include <openssl/rand.h>
static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
int len, int peek);
@@ -1395,8 +1396,14 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
/* ssl3_enc can only have an error on read */
- wr->length += bs; /* bs != 0 in case of CBC. The enc fn provides
- * the randomness */
+ if (bs) /* bs != 0 in case of CBC */
+ {
+ RAND_pseudo_bytes(p,bs);
+ /* master IV and last CBC residue stand for
+ * the rest of randomness */
+ wr->length += bs;
+ }
+
s->method->ssl3_enc->enc(s,1);
/* record length after mac and block padding */