Additional CVE-2014-0224 protection.

snhenson · snhenson · commit 006cd7083f76 · 2014-06-05T09:04:27.000+01:00
Return a fatal error if an attempt is made to use a zero length
master secret.
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
@@ -1459,7 +1459,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
 
 	if (s->s3->tmp.key_block == NULL)
 		{
-		if (s->session == NULL) 
+		if (s->session == NULL || s->session->master_key_length == 0)
 			{
 			/* might happen if dtls1_read_bytes() calls this */
 			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);

Original file line number	Diff line number	Diff line change
`@@ -1459,7 +1459,7 @@ int ssl3_do_change_cipher_spec(SSL *s)`
`1459`	`1459`
`1460`	`1460`	`if (s->s3->tmp.key_block == NULL)`
`1461`	`1461`	`{`
`1462`		`- if (s->session == NULL)`
	`1462`	`+ if (s->session == NULL \|\| s->session->master_key_length == 0)`
`1463`	`1463`	`{`
`1464`	`1464`	`/* might happen if dtls1_read_bytes() calls this */`
`1465`	`1465`	`SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);`