Branch: Tag:

2015-10-27

2015-10-27 17:39:59 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Fixed issue with hash_messages().

hash_messages() ignored the len argument if used with TLS 1.0 or
TLS 1.1. This caused an interop problem with extended master secret
and TLS 1.0 or TLS 1.1. Note that there still seems to be more interop
issues remaining with extended master secret.

158:    else if(version <= PROTOCOL_TLS_1_1) {    return session->cipher_spec->prf(session->master_secret, sender,    Crypto.MD5.hash(handshake_messages)+ -  Crypto.SHA1.hash(handshake_messages), 12); +  Crypto.SHA1.hash(handshake_messages), +  len || 12);    }    return session->cipher_spec->prf(session->master_secret, sender,    session->cipher_spec->hash