projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ce5ddef)
Checkout return value of dtls1_output_cert_chain
authorMatt Caswell <matt@openssl.org>
Wed, 3 Dec 2014 11:15:40 +0000 (11:15 +0000)
committerMatt Caswell <matt@openssl.org>
Mon, 15 Dec 2014 21:27:19 +0000 (21:27 +0000)
Reviewed-by: Tim Hudson <tjh@openssl.org>
ssl/d1_clnt.c patch | blob | history
ssl/d1_srvr.c patch | blob | history

diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 9947be22ffc866ebee06c84c8f033c4438ffd837..9045fb9902f51856e5dfe40f660273c1312e3992 100644 (file)
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -1717,6 +1717,12 @@ int dtls1_send_client_certificate(SSL *s)
                s->state=SSL3_ST_CW_CERT_D;
                l=dtls1_output_cert_chain(s,
                        (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+               if (!l)
+                       {
+                       SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+                       ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
+                       return 0;
+                       }
                s->init_num=(int)l;
                s->init_off=0;
 
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index a5660bc25b4457ead2e1a11132d7b3d005f24d4a..e40701ee622b4a2ddaec7a25bc0f558455dfc992 100644 (file)
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -1625,6 +1625,11 @@ int dtls1_send_server_certificate(SSL *s)
                        }
 
                l=dtls1_output_cert_chain(s,x);
+               if (!l)
+                       {
+                       SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+                       return(0);
+                       }
                s->state=SSL3_ST_SW_CERT_B;
                s->init_num=(int)l;
                s->init_off=0;
Unnamed repository; edit this file 'description' to name the repository.