generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check SRP parameters early.

Browse Source 
Check SRP parameters when they are received so we can send back an
appropriate alert.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2014-08-03 21:25:22 +01:00
committed by Matt Caswell
parent 4a23b12a03
commit 0989790b87
6 changed files with 54 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ssl/s3_clnt.c
View File

@@ -1570,6 +1570,12 @@ int ssl3_get_key_exchange(SSL *s)
p+=i;
n-=param_len;
if (!srp_verify_server_param(s, &al))
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS);
goto f_err;
}
/* We must check if there is a certificate */
#ifndef OPENSSL_NO_RSA
if (alg_a & SSL_aRSA)