I just found another timing bug...
--- crypto/bio/bss_dgram.c 5 Jun 2009 08:35:54 - 1.7.2.13
+++ crypto/bio/bss_dgram.c 5 Jun 2009 14:00:26 -
@@ -217,12 +217,19 @@
timeleft.tv_usec += 100;
}
+ if (timeleft.
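Review bot: the added `if (timeleft.` check comes right after `timeleft.tv_usec += 100;`, and nothing visible in this hunk carries a tv_usec value of 1000000 or more over into tv_sec, or handles a remaining time that has already gone negative. Please confirm the new branch leaves both fields normalised, and add a short comment stating which case it guards. The hunk is cut off at this line, so the condition itself cannot be checked here.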
Here is an updated version; the last didn't cover every variation of
the handshake message flow because the CertificateVerify state is
entered every time, not only when a CertificateVerify message is
really expected.
--- crypto/bio/bss_dgram.c 5 Jun 2009 08:35:54 - 1.7.2.13
When handshake messages can't be reassembled because a fragment got
lost, the ChangeCipherSpec included in the same flight was still
processed. The new master secret has not been calculated yet, so random
memory is used, causing the connection to fail. This patch drops every
ChangeCipherSpec