ECDH downgrade bug fix.

Fix bug where an OpenSSL client would accept a handshake using an
ephemeral ECDH ciphersuite with the server key exchange message omitted.

Thanks to Karthikeyan Bhargavan for reporting this issue.

CVE-2014-3572
Reviewed-by: Matt Caswell <matt@openssl.org>

(cherry picked from commit b15f876964)
Dr. Stephen Henson
2014-10-24 12:30:33 +01:00
parent d96c24926d
commit 4aaf1e493c
2 changed files with 22 additions and 3 deletions

@@ -365,6 +365,13 @@
Changes between 1.0.1j and 1.0.1k [xx XXX xxxx]
*) Abort handshake if server key exchange message is omitted for ephemeral
ECDH ciphersuites.
Thanks to Karthikeyan Bhargavan for reporting this issue.
(CVE-2014-3572)
[Steve Henson]
*) Ensure that the session ID context of an SSL is updated when its
SSL_CTX is updated via SSL_set_SSL_CTX.
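Review bot: The new CHANGES entry at the top of this hunk does not say which side aborts the handshake or that the omission was previously accepted. The commit message describes a client-side downgrade ("an OpenSSL client would accept a handshake ... with the server key exchange message omitted"), so consider wording the entry as "Abort handshake in the client if the server key exchange message is omitted for ephemeral ECDH ciphersuites", which lets readers of CHANGES see that clients are the affected party. The summary lists 2 changed files, but only the CHANGES hunk is shown here, so the code change cannot be checked against this entry.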