Additional CVE-2014-0224 protection.

snhenson · snhenson · commit 897169fdf06b · 2014-06-03T16:30:23.000+01:00
Return a fatal error if an attempt is made to use a zero length
master secret.
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
@@ -1306,7 +1306,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
 
 	if (s->s3->tmp.key_block == NULL)
 		{
-		if (s->session == NULL) 
+		if (s->session == NULL || s->session->master_key_length == 0)
 			{
 			/* might happen if dtls1_read_bytes() calls this */
 			SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);

Original file line number	Diff line number	Diff line change
`@@ -1306,7 +1306,7 @@ int ssl3_do_change_cipher_spec(SSL *s)`
`1306`	`1306`
`1307`	`1307`	`if (s->s3->tmp.key_block == NULL)`
`1308`	`1308`	`{`
`1309`		`- if (s->session == NULL)`
	`1309`	`+ if (s->session == NULL \|\| s->session->master_key_length == 0)`
`1310`	`1310`	`{`
`1311`	`1311`	`/* might happen if dtls1_read_bytes() calls this */`
`1312`	`1312`	`SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY);`