author: Matt Caswell <matt@openssl.org> 2015-03-09 16:09:04 +0000
committer: Matt Caswell <matt@openssl.org> 2015-03-19 11:11:22 +0000
commit: 819418110b6fff4a7b96f01a5d68f71df3e3b736 (patch)
tree: 14848aa0ae4588076ab7791684d27b186cacb0df
parent: 77c77f0a1b9f15b869ca3342186dfbedd1119d0e (diff)
Fix Seg fault in DTLSv1_listen
The DTLSv1_listen function is intended to be stateless and processes the initial ClientHello from many peers. It is common for user code to loop over the call to DTLSv1_listen until a valid ClientHello is received with an associated cookie. A defect in the implementation of DTLSv1_listen means that state is preserved in the SSL object from one invocation to the next that can lead to a segmentation fault. Errors processing the initial ClientHello can trigger this scenario. An example of such an error could be that a DTLS1.0 only client is attempting to connect to a DTLS1.2 only server.

CVE-2015-0207

Reviewed-by: Richard Levitte <levitte@openssl.org>

-rw-r--r-- ssl/d1_lib.c | 3
1 files changed, 3 insertions, 0 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 1f1005421e..ee78921ba8 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -543,6 +543,9 @@ int dtls1_listen(SSL *s, struct sockaddr *client)
{
int ret;
+ /* Ensure there is no state left over from a previous invocation */
+ SSL_clear(s);
+
SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
s->d1->listen = 1;
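Review bot: the return value of `SSL_clear(s)` on the added line is ignored; SSL_clear() returns an int and reports failure with 0 (for example when no method is set on the SSL object or the method's own clear routine cannot allocate its buffers), so on failure dtls1_listen would continue on a partially reset object, which is exactly the inconsistent-state condition this fix is meant to remove. Suggest checking it, e.g. `if (!SSL_clear(s)) return -1;` using whichever error value the rest of the function returns. The placement is otherwise right: clearing before `SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);` and `s->d1->listen = 1;` means the reset cannot wipe the listen flag or the cookie-exchange option that the following lines set.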