Skip to content

Commit 1716003

Browse files
ekaspermattcaswell
authored andcommitted
Fix DTLS anonymous EC(DH) denial of service
CVE-2014-3510 Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
1 parent 280b1f1 commit 1716003

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

Diff for: ssl/s3_clnt.c

+7
Original file line numberDiff line numberDiff line change
@@ -2385,6 +2385,13 @@ int ssl3_send_client_key_exchange(SSL *s)
23852385
RSA *rsa;
23862386
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
23872387

2388+
if (s->session->sess_cert == NULL)
2389+
{
2390+
/* We should always have a server certificate with SSL_kRSA. */
2391+
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
2392+
goto err;
2393+
}
2394+
23882395
if (s->session->sess_cert->peer_rsa_tmp != NULL)
23892396
rsa=s->session->sess_cert->peer_rsa_tmp;
23902397
else

0 commit comments

Comments
 (0)