A ciph_ctx is declared auto, but not initialized in the SSL_kKRB5
codepath.
diff -ur openssl-0.9.7-stable-SNAP-20020312-orig/ssl/s3_clnt.c
openssl-0.9.7-stable-SNAP-20020312-work/ssl/s3_clnt.c
--- openssl-0.9.7-stable-SNAP-20020312-orig/ssl/s3_clnt.c Mon Jan
14 18:40:23 2002
+++ openssl-0.9.7-stable-SNAP-20020312-work/ssl/s3_clnt.c Thu Mar
14 00:35:18 2002
@@ -1494,6 +1494,8 @@
+ EVP_MAX_IV_LENGTH];
int padl, outl = sizeof(epms);
+ EVP_CIPHER_CTX_init (&ciph_ctx);
+
#ifdef KSSL_DEBUG
printf("ssl3_send_client_key_exchange(%lx &
%lx)\n",
l, SSL_kKRB5);
diff -ur openssl-0.9.7-stable-SNAP-20020312-orig/ssl/s3_srvr.c
openssl-0.9.7-stable-SNAP-20020312-work/ssl/s3_srvr.c
--- openssl-0.9.7-stable-SNAP-20020312-orig/ssl/s3_srvr.c Tue Mar
12 15:07:06 2002
+++ openssl-0.9.7-stable-SNAP-20020312-work/ssl/s3_srvr.c Thu Mar
14 00:35:44 2002
@@ -1559,6 +1559,8 @@
if (!kssl_ctx) kssl_ctx = kssl_ctx_new();
+ EVP_CIPHER_CTX_init (&ciph_ctx);
+
n2s(p,i);
enc_ticket.length = i;
enc_ticket.data = (char *)p;
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
