sanity check
[openssl.git] / ssl / s3_pkt.c
index 07dd4b23d5204b6840c2b01e4af48d449ebafe76..7593ad91959b6be919d964c256e44f43d5eebfcf 100644 (file)
@@ -1302,6 +1302,13 @@ int ssl3_do_change_cipher_spec(SSL *s)
 
        if (s->s3->tmp.key_block == NULL)
                {
+               if (s->session == NULL) 
+                       {
+                       /* might happen if dtls1_read_bytes() calls this */
+                       SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);
+                       return (0);
+                       }
+
                s->session->cipher=s->s3->tmp.new_cipher;
                if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
                }