summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsthen <>2014-06-05 20:38:11 +0000
committersthen <>2014-06-05 20:38:11 +0000
commit944844ebbb0c7d2235ec860c2d2b18018890eac5 (patch)
tree6b40e137583b67c44a254f59845154ed5ecbac3c
parentd0f81948182201e2d50b1bf34f37b39db21f3427 (diff)
downloadopenbsd-944844ebbb0c7d2235ec860c2d2b18018890eac5.tar.gz
openbsd-944844ebbb0c7d2235ec860c2d2b18018890eac5.tar.bz2
openbsd-944844ebbb0c7d2235ec860c2d2b18018890eac5.zip
MFC sess_cert fix (CVE-2014-3470)
"Ensure that sess_cert is not NULL before trying to use it. Fixes CVE-2014-3470, from OpenSSL." From s3_clnt.c r1.66
-rw-r--r--src/lib/libssl/src/ssl/s3_clnt.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 397e148f11..18a4bdaf21 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -2510,6 +2510,14 @@ int ssl3_send_client_key_exchange(SSL *s)
2510 int ecdh_clnt_cert = 0; 2510 int ecdh_clnt_cert = 0;
2511 int field_size = 0; 2511 int field_size = 0;
2512 2512
2513 if (s->session->sess_cert == NULL) {
2514 ssl3_send_alert(s, SSL3_AL_FATAL,
2515 SSL_AD_UNEXPECTED_MESSAGE);
2516 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2517 SSL_R_UNEXPECTED_MESSAGE);
2518 goto err;
2519 }
2520
2513 /* Did we send out the client's 2521 /* Did we send out the client's
2514 * ECDH share for use in premaster 2522 * ECDH share for use in premaster
2515 * computation as part of client certificate? 2523 * computation as part of client certificate?