Fix SRP ciphersuite DoS vulnerability.
If a client attempted to use an SRP ciphersuite and it had not been set up correctly it would crash with a null pointer read. A malicious server could exploit this in a DoS attack. Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon for reporting this issue.

CVE-2014-2970

Reviewed-by: Tim Hudson <tjh@openssl.org>
parent 92aa73bcbf
commit f338c2e0c2
@ -1086,6 +1086,13 @@ void ssl_set_client_disabled(SSL *s)
c->mask_k |= SSL_kPSK;
}
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (!(s->srp_ctx.srp_Mask & SSL_kSRP))
{
c->mask_a |= SSL_aSRP;
c->mask_k |= SSL_kSRP;
}
#endif
c->valid = 1;
}
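Review bot: the `#endif` that closes the new `#ifndef OPENSSL_NO_SRP` block should carry a trailing comment, `#endif /* OPENSSL_NO_SRP */`, to match the `#endif /* OPENSSL_NO_PSK */` directly above it in the same function. Beyond that style point, the guard `if (!(s->srp_ctx.srp_Mask & SSL_kSRP))` makes the whole fix depend on `srp_Mask` being the marker of a completed SRP setup; a one-line comment above the `if` saying so would help the next reader, because the commit message only says the ciphersuite "had not been set up correctly" and a reader of this hunk alone cannot see where `srp_Mask` gets that bit.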