Hi! At least some "good" news: I found the bug. Here's the problem
description again:
(starttls to connect to mail.stalker.com, using OpenSSL 0.9.5a)
! According to the SSL/TLS standard, the first 2 bytes of that secret
! should be the protocol version. Since CgatePro insists on TLSv0 (aka
! SSL 3.0), the OpenSSL correctly switches to that protocol. But - forgets
! about it in the premaster secret: the first 2 bytes there show "3" "1",
! instead of "3" "0".
! Everywhere within the *protocol* itself, OpenSSL
! properly switches to SSL v3 and uses 3.0 everywhere. BUT. There is a thing
! called "premaster secret". NOT the protocol block that exchange that secret -
! that block correctly contains the 3.0 version tag. The "premaster secret"
! itself (when decoded) is a 48 byte "random" number. But this number should
! have 2 first bytes fixed. And those bytes should be 3 and 0 - i.e. the same as
! the version bytes in the protocol blocks.
The problem is in s3_clnt.c around line 1345:
tmp_buf[0]=s->client_version>>8;
tmp_buf[1]=s->client_version&0xff;
in function ssl3_send_client_key_exchange(SSL *s)
s->client_version has the value 0x0301, but it should have 0x0300
according to Stalker.
Can please someone with more inside knowledge verify this and apply
the proper patch?
Thanks!
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
