提交 a342cc5a 编写于 作者: D Dr. Stephen Henson

Zero the premaster secret after deriving the master secret in DH

ciphersuites.
上级 67c3cf06
......@@ -3,6 +3,10 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) Zero the premaster secret after deriving the master secret in
DH ciphersuites.
[Steve Henson]
*) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
to data. This was previously part of the PKCS7 ASN1 code. This
was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
......
......@@ -1425,6 +1425,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
s->session->master_key_length=
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,p,i);
memset(p,0,i);
}
else
#endif
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册