aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-01-20 21:31:52 +0000
committerlloyd <[email protected]>2012-01-20 21:31:52 +0000
commitb7c09658fec70fe053b5dc5d4ebb31f91f5f41ff (patch)
treeab4a0bfb0972e8cb8403e1da4c60b8f5513218f4
parent00cc9cd8e59c117fc03c56f2363267f286c1faef (diff)
A change to Finished in 687c3c7dccdd2f5e4825bdb60155c7bfba22339f broke
SSLv3 handshakes: we need to copy the handshake state when we computed the finished data in the SSLv3 case because we need to add a little bit of data onto the end, but we don't want to include that data with the next computation. This meant that the finished message a client sent us was fine, but the one we sent out had a bad finished value and was rejected.
-rw-r--r--src/tls/finished.cpp8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/tls/finished.cpp b/src/tls/finished.cpp
index 2eec244f2..ecb7c315a 100644
--- a/src/tls/finished.cpp
+++ b/src/tls/finished.cpp
@@ -39,14 +39,16 @@ MemoryVector<byte> finished_compute_verify(TLS_Handshake_State* state,
const byte SSL_CLIENT_LABEL[] = { 0x43, 0x4C, 0x4E, 0x54 };
const byte SSL_SERVER_LABEL[] = { 0x53, 0x52, 0x56, 0x52 };
+ TLS_Handshake_Hash hash = state->hash; // don't modify state
+
MemoryVector<byte> ssl3_finished;
if(side == CLIENT)
- state->hash.update(SSL_CLIENT_LABEL, sizeof(SSL_CLIENT_LABEL));
+ hash.update(SSL_CLIENT_LABEL, sizeof(SSL_CLIENT_LABEL));
else
- state->hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
+ hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
- return state->hash.final_ssl3(state->keys.master_secret());
+ return hash.final_ssl3(state->keys.master_secret());
}
else
{