projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
8942b92
)
Additional CVE-2014-0224 protection.
author
Dr. Stephen Henson
<steve@openssl.org>
Fri, 16 May 2014 11:55:16 +0000
(12:55 +0100)
committer
Dr. Stephen Henson
<steve@openssl.org>
Thu, 5 Jun 2014 12:24:40 +0000
(13:24 +0100)
Return a fatal error if an attempt is made to use a zero length
master secret.
(cherry picked from commit
006cd7083f76ed5cb0d9a914857e9231ef1bc317
)
ssl/s3_pkt.c
patch
|
blob
|
history
diff --git
a/ssl/s3_pkt.c
b/ssl/s3_pkt.c
index d0f3c764a3aa2777a8cc1983d7696fab334e8c50..ccd82df31401e6345785bc47afa4d3142f1f92b0 100644
(file)
--- a/
ssl/s3_pkt.c
+++ b/
ssl/s3_pkt.c
@@
-1632,7
+1632,7
@@
int ssl3_do_change_cipher_spec(SSL *s)
if (s->s3->tmp.key_block == NULL)
{
- if (s->session == NULL
)
+ if (s->session == NULL
|| s->session->master_key_length == 0)
{
/* might happen if dtls1_read_bytes() calls this */
SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);