Send alert for bad DH CKE
authorDr. Stephen Henson <steve@openssl.org>
Fri, 22 Jul 2016 14:55:38 +0000 (15:55 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 22 Jul 2016 14:55:38 +0000 (15:55 +0100)
RT#4511

Reviewed-by: Matt Caswell <matt@openssl.org>
ssl/statem/statem_srvr.c

index e56d79121d4f8bcb2505ad2d3e680e4fb9bafcfd..b7f2a0fe2d3c34877896ffa8aba6686f3b3a851b 100644 (file)
@@ -2269,17 +2269,12 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt, int *al)
     EVP_PKEY *ckey = NULL;
     int ret = 0;
 
-    if (!PACKET_get_net_2(pkt, &i)) {
+    if (!PACKET_get_net_2(pkt, &i) || PACKET_remaining(pkt) != i) {
         *al = SSL_AD_HANDSHAKE_FAILURE;
         SSLerr(SSL_F_TLS_PROCESS_CKE_DHE,
                SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
         goto err;
     }
-    if (PACKET_remaining(pkt) != i) {
-        SSLerr(SSL_F_TLS_PROCESS_CKE_DHE,
-               SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
-        goto err;
-    }
     skey = s->s3->tmp.pkey;
     if (skey == NULL) {
         *al = SSL_AD_HANDSHAKE_FAILURE;
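Review bot: The merged condition on the `PACKET_get_net_2` line still accepts a length field of zero when no bytes follow it, since `PACKET_remaining(pkt) != i` is false for i == 0, so an empty DH public value reaches the key derivation that presumably follows outside the hunk. If that later step is relied on to reject a zero public value, a comment saying so would help; otherwise rejecting it here with the same alert keeps the handling in one place, `if (!PACKET_get_net_2(pkt, &i) || i == 0 || PACKET_remaining(pkt) != i) {`. Folding the two checks into one branch is a reasonable simplification, and both failures now set an alert before `goto err`, which the removed branch did not. The body of tls_process_cke_dhe continues past the end of the hunk.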