generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix SRP ciphersuite DoS vulnerability.

Browse Source 
If a client attempted to use an SRP ciphersuite and it had not been
set up correctly it would crash with a null pointer read. A malicious
server could exploit this in a DoS attack.

Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon
for reporting this issue.

CVE-2014-2970
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2014-07-25 00:50:06 +01:00 committed by Matt Caswell
parent 92aa73bcbf
commit f338c2e0c2
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ssl/t1_lib.c
View File

@ -1086,6 +1086,13 @@ void ssl_set_client_disabled(SSL *s)
c->mask_k |= SSL_kPSK; c->mask_k |= SSL_kPSK;
} }
#endif /* OPENSSL_NO_PSK */ #endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (!(s->srp_ctx.srp_Mask & SSL_kSRP))
{
c->mask_a |= SSL_aSRP;
c->mask_k |= SSL_kSRP;
}
#endif
c->valid = 1; c->valid = 1;
} }