kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix SSLv3 version check in BoGo.

Browse Source 
Static RSA key exchange in SSLv3 does not have a length prefix. We were
checking the ClientHello version rather than the final version.

Change-Id: I2d0e9d3b5a368a7caf8b1ca69f1631400a847f52
Reviewed-on: https://boringssl-review.googlesource.com/14314
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Matt Braithwaite <mab@google.com>
Reviewed-by: Matt Braithwaite <mab@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2017-03-20 14:03:38 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent edb729959f
commit 73812e06b0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/test/runner/key_agreement.go
View File

@ -168,7 +168,7 @@ func (ka *rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello
encrypted[0] = 0
}
ckx := new(clientKeyExchangeMsg)
if clientHello.vers != VersionSSL30 {
if ka.version != VersionSSL30 {
ckx.ciphertext = make([]byte, len(encrypted)+2)
ckx.ciphertext[0] = byte(len(encrypted) >> 8)
ckx.ciphertext[1] = byte(len(encrypted))