openssl/ssl
Kurt Roeckx 947f3156ec Initialize the session_id
ssl_session_hash() always looks at the first 4 bytes, regardless of the length.
A client can send a session id that's shorter, and the callback could also
generate one that's shorter.  So we make sure that the rest of the buffer is
initliazed to 0 so that we always calculate the same hash.

Found by tis-interpreter, also previously reported as RT #2871

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2911
2016-06-14 19:30:36 +02:00
..
record Always use session_ctx when removing a session 2016-06-08 15:22:41 +01:00
statem RT3720 Increment session miss counter properly 2016-06-09 23:34:18 +01:00
bio_ssl.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
build.info Update build.info files for auto-init/de-init 2016-02-09 15:11:38 +00:00
d1_lib.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
d1_msg.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
d1_srtp.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
methods.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
packet_locl.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
pqueue.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_cbc.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_enc.c Add some missing return value checks 2016-06-13 17:38:39 +01:00
s3_lib.c Add SSL_CTX_get_tlsext_status_type() 2016-06-07 17:05:52 +01:00
s3_msg.c Always use session_ctx when removing a session 2016-06-08 15:22:41 +01:00
ssl_asn1.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_cert.c Fix ssl_cert_set0_chain invalid pointer 2016-05-27 17:20:10 +01:00
ssl_ciph.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_conf.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_err.c RT3895: Remove fprintf's from SSL library. 2016-06-04 07:08:29 -04:00
ssl_init.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_lib.c Don't compare a just free()d pointer 2016-06-11 16:43:49 +02:00
ssl_locl.h Handle a memory allocation failure in ssl3_init_finished_mac() 2016-06-03 20:29:04 +01:00
ssl_mcnf.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_rsa.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_sess.c Initialize the session_id 2016-06-14 19:30:36 +02:00
ssl_stat.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_txt.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ssl_utst.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_enc.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_ext.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_lib.c Fix comment 2016-06-14 10:41:00 +01:00
t1_reneg.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_trce.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
tls_srp.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00