projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from parent 1:
280b1f1
)
Fix DTLS anonymous EC(DH) denial of service
author
Emilia Käsper
<emilia@openssl.org>
Thu, 24 Jul 2014 20:15:29 +0000
(22:15 +0200)
committer
Matt Caswell
<matt@openssl.org>
Wed, 6 Aug 2014 19:36:40 +0000
(20:36 +0100)
CVE-2014-3510
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
ssl/s3_clnt.c
patch
|
blob
|
history
diff --git
a/ssl/s3_clnt.c
b/ssl/s3_clnt.c
index 9a94de00d8492a292995a90b3f0c45b1fe85e087..0a006a75342893fd4f2fdd30f930ec220b7694fa 100644
(file)
--- a/
ssl/s3_clnt.c
+++ b/
ssl/s3_clnt.c
@@
-2385,6
+2385,13
@@
int ssl3_send_client_key_exchange(SSL *s)
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+ if (s->session->sess_cert == NULL)
+ {
+ /* We should always have a server certificate with SSL_kRSA. */
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
if (s->session->sess_cert->peer_rsa_tmp != NULL)
rsa=s->session->sess_cert->peer_rsa_tmp;
else
projects / openssl.git / commitdiff