generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past

Browse Source 
produce an error (CVE-2011-3207)

Fix TLS ephemeral DH crash bug (CVE-2011-3210)
This commit is contained in:
Dr. Stephen Henson 2011-09-06 12:53:56 +00:00
parent e935440ad7
commit c2a8133d1c
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -4,8 +4,12 @@
Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
*) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
by initialising X509_STORE_CTX properly. (CVE-2011-3207)
[Kaspar Brand <ossl@velox.ch>]
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
for multi-threaded use of ECDH.
for multi-threaded use of ECDH. (CVE-2011-3210)
[Adam Langley (Google)]
*) Fix x509_name_ex_d2i memory leak on bad inputs.

4
crypto/x509/x509_vfy.c
View File

@ -703,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ctx)
x = sk_X509_value(ctx->chain, cnum);
ctx->current_cert = x;
ctx->current_issuer = NULL;
ctx->current_crl_score = 0;
ctx->current_reasons = 0;
while (ctx->current_reasons != CRLDP_ALL_REASONS)
{
@ -2015,6 +2016,9 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
ctx->error_depth=0;
ctx->current_cert=NULL;
ctx->current_issuer=NULL;
ctx->current_crl=NULL;
ctx->current_crl_score=0;
ctx->current_reasons=0;
ctx->tree = NULL;
ctx->parent = NULL;