diff options
author | Bodo Möller <bodo@openssl.org> | 2001-06-01 09:41:25 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2001-06-01 09:41:25 +0000 |
commit | 31bc51c8cf4784f31732e5822d6fae894123a4f4 (patch) | |
tree | bc6fea4c28effced3e1507ae0632450912d1795c /ssl/s2_srvr.c | |
parent | be487c429ebe83f26b04f31112f755e4de13ef55 (diff) |
Fix Bleichenbacher PKCS #1 1.5 countermeasure.
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)
Diffstat (limited to 'ssl/s2_srvr.c')
-rw-r--r-- | ssl/s2_srvr.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 10de5ec3db..cc9f591427 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -405,12 +405,13 @@ static int get_client_master_key(SSL *s) /* bad decrypt */ #if 1 /* If a bad decrypt, continue with protocol but with a - * dud master secret */ + * random master secret (Bleichenbacher attack) */ if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c))) || (is_export && ((i != ek) || (s->s2->tmp.clear+i != EVP_CIPHER_key_length(c)))))) { + ERR_clear_error(); if (is_export) i=ek; else |