authorBodo Möller <bodo@openssl.org>2001-06-01 09:41:25 +0000
committerBodo Möller <bodo@openssl.org>2001-06-01 09:41:25 +0000
commit31bc51c8cf4784f31732e5822d6fae894123a4f4 (patch)
treebc6fea4c28effced3e1507ae0632450912d1795c /ssl/s2_srvr.c
parentbe487c429ebe83f26b04f31112f755e4de13ef55 (diff)
Fix Bleichenbacher PKCS #1 1.5 countermeasure.
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway; otherwise this would be a security-relevant patch.)
Diffstat (limited to 'ssl/s2_srvr.c')
-rw-r--r--ssl/s2_srvr.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 10de5ec3db..cc9f591427 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -405,12 +405,13 @@ static int get_client_master_key(SSL *s)
/* bad decrypt */
#if 1
/* If a bad decrypt, continue with protocol but with a
- * dud master secret */
+ * random master secret (Bleichenbacher attack) */
if ((i < 0) ||
((!is_export && (i != EVP_CIPHER_key_length(c)))
|| (is_export && ((i != ek) || (s->s2->tmp.clear+i !=
EVP_CIPHER_key_length(c))))))
{
+ ERR_clear_error();
if (is_export)
i=ek;
else
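Review bot: The `ERR_clear_error()` added at the top of the bad-decrypt branch has no comment, although it appears to be the line the countermeasure depends on. Presumably the decryption call above the hunk leaves a padding error on the queue, and if it stayed there later code could report it and reveal that the decrypt failed. I would add `/* discard the decrypt error so that a later error report cannot reveal the padding failure */` directly above it. The call also clears the whole error queue and runs only on the failure path, so the two paths still do different amounts of work. Whether that difference is observable cannot be judged from this hunk, because the branch body continues past the last line shown.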