[PATCH] SSL2 32-byte client auth challenge

Zeev Lieber Sat, 05 Oct 2002 05:36:35 -0700

openssl will read max 31 bytes of client auth challenge,
because the following line assumes total message length
is SSL2_MAX_CERT_CHALLENGE_LENGTH+1, where it's really
SSL2_MAX_CERT_CHALLENGE_LENGTH+2:


in static int client_certificate(SSL *s), s2_clnt.c:772

i=ssl2_read(s,(char *)&(buf[s->init_num]),
SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num);

The result is that for 32 byte challenges, only 31 bytes
will be included in the hash, so the handshake will
fail.

The patch below fixes this problem.

Thanks
Zeev

--- openssl-orig/ssl/s2_clnt.c  Fri Oct  4 15:53:53 2002
+++ openssl-SNAP-20021003/ssl/s2_clnt.c Fri Oct  4 15:54:11 2002
@@ -770,8 +770,8 @@
        if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
                {
                i=ssl2_read(s,(char *)&(buf[s->init_num]),
-                       SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num);
-               if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num))
+                       SSL2_MAX_CERT_CHALLENGE_LENGTH+2-s->init_num);
+               if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+2-s->init_num))
                        return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
                s->init_num += i;
                if (s->msg_callback)


__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

[PATCH] SSL2 32-byte client auth challenge

Reply via email to