CBC overwrote (encrypted) the following block in write_record. I

missed it before because the buffer was pre-sized to maximum
allowable, thus it just encrypted something we never sent.

However after the buffer sizes were set to zero, it would start
encrypting ... something ... after the block. This would manifest by
strange crashes during a full client renegotiation. The problem was
that the buffer was sized up a bit for sending the unencrypted
messages (client kex, etc) and so we had some wiggle room. However
sending an encrypted client kex took more space than that (due to the
MAC, etc) so a full renegotiation would cause values to be
overwritten.

0 files changed, 0 insertions, 0 deletions