> [john_fitzgib...@yahoo.com - Sat Mar 31 07:50:09 2012]:
> 
> This is happening because of the following (which looks like a bug)
> in ssl/d1_srvr.c, line 923:
> 
>                 Time=(unsigned long)time(NULL);                 /* Time */
>                 l2n(Time,p);
>                 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
> 
> 
> sizeof(Time) is 8 bytes on x86_64, but l2n() has only advanced the
> pointer 4 bytes.
> 
> 
> This leaves 4 bytes of uninitialized data exposed in the random bytes
> field on x86_64.
> 
> Unless l2n() can do something different on other platforms, line 923
> should be more explicit:
> 
>                 RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
> 

Fixed now, thanks for the report.

> With this fix, my "no-asm" 64bit DTLS test yields a pcap that matches
> the 32 bit build.
> 
> ... that isolates the problem to the 64 bit assembler changes between
> 1.0.0 and 1.0.1,
> specifically (it would seem) for SHA-1.
> 
> 

Andy has made some recent fixes to the AES code too which may be
relevant. Please check the next snapshot to see if you still have problems.

Steve.
-- 
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
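The size arithmetic the reporter describes, as an added C example (not OpenSSL's code or anything from this thread): it models l2n the way ssl/ssl_locl.h defines it, a 4-byte big-endian store that advances the pointer by exactly 4 whatever sizeof(l) is, replaces RAND_pseudo_bytes with a hypothetical deterministic stub (only the byte count matters here), pre-fills the 32-byte random field with a sentinel and then counts the bytes neither step wrote. sizeof(Time) is passed in explicitly so the 32-bit (4) and LP64 (8) builds can both be reproduced on one host; the time value is a constructed 2012-era epoch second.

```c
#include <stdio.h>
#include <string.h>

#define SSL3_RANDOM_SIZE 32
#define SENTINEL 0xAA   /* marks bytes that neither l2n nor the RNG fill wrote */

/* Modelled on OpenSSL's l2n (ssl/ssl_locl.h): store the low 32 bits of l
 * big-endian at *c and advance c by exactly 4, regardless of sizeof(l). */
#define l2n(l, c) (*((c)++) = (unsigned char)(((l) >> 24) & 0xff), \
                   *((c)++) = (unsigned char)(((l) >> 16) & 0xff), \
                   *((c)++) = (unsigned char)(((l) >>  8) & 0xff), \
                   *((c)++) = (unsigned char)(((l)      ) & 0xff))

/* Hypothetical deterministic stand-in for RAND_pseudo_bytes. The bug is
 * about how many bytes get written, not their values, so a fixed fill is
 * enough and keeps the run repeatable. */
static void stub_rand_bytes(unsigned char *buf, int num)
{
    for (int i = 0; i < num; i++)
        buf[i] = 0x5a;
}

/* Build the random field as the quoted d1_srvr.c lines do, except that the
 * number of bytes handed to the RNG is a parameter. */
static void fill_field(unsigned char buf[SSL3_RANDOM_SIZE],
                       unsigned long Time, int rand_len)
{
    unsigned char *p = buf;

    memset(buf, SENTINEL, SSL3_RANDOM_SIZE);
    l2n(Time, p);                       /* writes 4 bytes, p += 4 */
    stub_rand_bytes(p, rand_len);       /* fills rand_len bytes after them */
}

static int count_sentinel(const unsigned char buf[SSL3_RANDOM_SIZE])
{
    int n = 0;
    for (int i = 0; i < SSL3_RANDOM_SIZE; i++)
        if (buf[i] == SENTINEL)
            n++;
    return n;
}

static int first_sentinel(const unsigned char buf[SSL3_RANDOM_SIZE])
{
    for (int i = 0; i < SSL3_RANDOM_SIZE; i++)
        if (buf[i] == SENTINEL)
            return i;
    return -1;
}

/* The reported code: RAND length is SSL3_RANDOM_SIZE - sizeof(Time). */
static int uninit_bytes_as_reported(unsigned long Time, size_t sizeof_time)
{
    unsigned char buf[SSL3_RANDOM_SIZE];
    fill_field(buf, Time, SSL3_RANDOM_SIZE - (int)sizeof_time);
    return count_sentinel(buf);
}

/* Offset of the first byte left uninitialized, or -1 if none. */
static int first_uninit_offset_as_reported(unsigned long Time, size_t sizeof_time)
{
    unsigned char buf[SSL3_RANDOM_SIZE];
    fill_field(buf, Time, SSL3_RANDOM_SIZE - (int)sizeof_time);
    return first_sentinel(buf);
}

/* The fix from the report: be explicit about the 4 bytes l2n wrote. */
static int uninit_bytes_fixed(unsigned long Time)
{
    unsigned char buf[SSL3_RANDOM_SIZE];
    fill_field(buf, Time, SSL3_RANDOM_SIZE - 4);
    return count_sentinel(buf);
}

/* Sanity check on the l2n model: the first 4 bytes are Time, big-endian. */
static int time_prefix_ok(unsigned long Time)
{
    unsigned char buf[SSL3_RANDOM_SIZE];
    fill_field(buf, Time, SSL3_RANDOM_SIZE - 4);
    return buf[0] == ((Time >> 24) & 0xff) && buf[1] == ((Time >> 16) & 0xff)
        && buf[2] == ((Time >>  8) & 0xff) && buf[3] == (Time & 0xff);
}

int main(void)
{
    unsigned long Time = 0x4F76F5F9UL;  /* constructed: an epoch second from 2012 */

    printf("sizeof(Time)=8 as reported: %d uninitialized bytes, first at offset %d\n",
           uninit_bytes_as_reported(Time, 8), first_uninit_offset_as_reported(Time, 8));
    printf("sizeof(Time)=4 (32-bit build): %d uninitialized bytes\n",
           uninit_bytes_as_reported(Time, 4));
    printf("with SSL3_RANDOM_SIZE-4: %d uninitialized bytes\n", uninit_bytes_fixed(Time));
    return 0;
}
```

The gap sits at offsets 28 to 31, the tail of the field, rather than next to the timestamp: l2n advanced p by 4, so the short RAND fill of 24 bytes covers offsets 4 to 27 and stops early. On a real build those last 4 bytes are whatever was already in the buffer, which is why the 64-bit and 32-bit pcaps differed until the length was made explicit.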