On Mon, May 22, 2000 at 04:52:12PM -0700, Claus Assmann wrote:

> Attached is a patch for the problem reported earlier.  Please let
> me know whether the patch is ok.

>> The problem is in s3_clnt.c around line 1345:
>>                      tmp_buf[0]=s->client_version>>8;
>>                      tmp_buf[1]=s->client_version&0xff;
>> in function ssl3_send_client_key_exchange(SSL *s)
>> 
>> s->client_version has the value 0x0301, but it should have 0x0300
>> according to Stalker.

The patch is wrong: the OpenSSL client implementation follows
the specification and the CgatePro server does not.  See RFC 2246,
section 7.5.7.1 and draft-freier-ssl-version3-02.txt, section 5.6.7.1:

7.4.7.1. RSA encrypted premaster secret message

[...]

   Structure of this message:
       struct {
           ProtocolVersion client_version;
           opaque random[46];
       } PreMasterSecret;

       client_version
           The latest (newest) version supported by the client. This is
           used to detect version roll-back attacks. Upon receiving the
           premaster secret, the server should check that this value
           matches the value transmitted by the client in the client
           hello message.



5.6.7.1 RSA encrypted premaster secret message

[...]

     struct {
         ProtocolVersion client_version;
         opaque random[46];
     } PreMasterSecret;

     client_version    The latest (newest) version supported by the
                       client.  This is used to detect version
                       roll-back attacks.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
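
The version check described in the quoted RFC 2246 text, sketched in C as an added example (not part of the original message and not OpenSSL's code). The function names and the all-zero random bytes are constructed for illustration; 0x0301 and 0x0300 are the versions discussed in the thread.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PMS_LEN 48 /* 2-byte ProtocolVersion + opaque random[46] */

/* Client: client_version is the version offered in the ClientHello,
 * not the version the server later selected. */
static void pms_build(uint8_t pms[PMS_LEN], uint16_t hello_version,
                      const uint8_t random46[46])
{
    pms[0] = (uint8_t)(hello_version >> 8);
    pms[1] = (uint8_t)(hello_version & 0xff);
    memcpy(pms + 2, random46, 46);
}

/* Server: after RSA decryption, compare the embedded version with the
 * version received in the ClientHello. Returns 1 on match, 0 otherwise. */
static int pms_version_ok(const uint8_t *pms, size_t len,
                          uint16_t hello_version_seen)
{
    if (len != PMS_LEN)
        return 0;
    uint16_t v = (uint16_t)((pms[0] << 8) | pms[1]);
    return v == hello_version_seen;
}

/* Hypothetical helper: build a PMS for one version, check against another. */
static int scenario(uint16_t client_offered, uint16_t server_saw_in_hello)
{
    uint8_t rnd[46] = {0}; /* constructed; a real client uses secure random */
    uint8_t pms[PMS_LEN];
    pms_build(pms, client_offered, rnd);
    return pms_version_ok(pms, sizeof pms, server_saw_in_hello);
}

int main(void)
{
    /* Client offers TLS 1.0 (0x0301) and the hello arrives unmodified. */
    printf("intact hello:   %d\n", scenario(0x0301, 0x0301));
    /* Hello was altered in transit to 0x0300: the mismatch exposes it. */
    printf("rolled back:    %d\n", scenario(0x0301, 0x0300));
    return 0;
}
```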
