1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

* lib/openssl/ssl.rb: Use a simple random number to generate the

session id. MD5, as was used before, causes problems when
  using a FIPS version of OpenSSL. Issue was found by Jared
  Jennings, thank you!
  [ruby-trunk - Bug #6137]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36005 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
emboss 2012-06-10 01:53:20 +00:00
parent 839dc7d409
commit 43759fc1ed
2 changed files with 11 additions and 1 deletions

View file

@ -1,3 +1,11 @@
Sun Jun 10 10:48:15 2012 Martin Bosslet <Martin.Bosslet@googlemail.com>
* lib/openssl/ssl.rb: Use a simple random number to generate the
session id. MD5, as was used before, causes problems when
using a FIPS version of OpenSSL. Issue was found by Jared
Jennings, thank you!
[ruby-trunk - Bug #6137]
Sun Jun 10 10:27:34 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> Sun Jun 10 10:27:34 2012 Martin Bosslet <Martin.Bosslet@googlemail.com>
* NEWS: Add note about the new private key export behavior. * NEWS: Add note about the new private key export behavior.

View file

@ -146,7 +146,9 @@ module OpenSSL
@svr = svr @svr = svr
@ctx = ctx @ctx = ctx
unless ctx.session_id_context unless ctx.session_id_context
session_id = OpenSSL::Digest::MD5.hexdigest($0) # see #6137 - session id may not exceed 32 bytes
prng = ::Random.new($0.hash)
session_id = prng.bytes(16).unpack('H*')[0]
@ctx.session_id_context = session_id @ctx.session_id_context = session_id
end end
@start_immediately = true @start_immediately = true