On Friday, 22 July 2016 17:14:43 CEST Stephen Henson via RT wrote: > On Fri Jul 22 14:56:11 2016, hka...@redhat.com wrote: > > the issue is present in master 0ed26acce328ec16a3aa and looks to have > > been > > > introduced in commit: > I tried what I thought was a fix for this which is to simply delete the > lines: > > if (decrypt_len < 0) > goto err; > > from ssl/statem/statem_srvr.c > > However your reproducer still indicates errors. I checked the message logs > and it should be now sending as many alerts as the original. The difference > however is that some of them will be sent immediately whereas originally > they would be at the end of the handshake. > > Could your reproducer possibly not be expecting this?
yes, it expects to be hitting the Bleichenbacher workaround - use of different premaster secret in case of problems with CKE message - as it's the same behaviour OpenSSL, NSS and GnuTLS exhibit -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4623 Please log in as guest with password guest if prompted
signature.asc
Description: PGP signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev