diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-07-29 21:23:30 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2014-08-06 20:27:51 +0100 |
| commit | 83764a989dcc87fbea337da5f8f86806fe767b7e (patch) | |
| tree | bf5920ae6f7efeaf53c12e900cf136b10717a718 | |
| parent | 86788e1ee6908a5b3a4c95fa80caa4b724a8a434 (diff) | |
Fix SRP ciphersuite DoS vulnerability.
If a client attempted to use an SRP ciphersuite and it had not been
set up correctly it would crash with a null pointer read. A malicious
server could exploit this in a DoS attack.
Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon
for reporting this issue.
CVE-2014-5139
Reviewed-by: Tim Hudson <tjh@openssl.org>
| -rw-r--r-- | ssl/s3_clnt.c | 9 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 5 |
2 files changed, 14 insertions, 0 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index df05f788e9..0aba7e5e0a 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -954,6 +954,15 @@ int ssl3_get_server_hello(SSL *s) SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); goto f_err; } +#ifndef OPENSSL_NO_SRP + if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) && + !(s->srp_ctx.srp_Mask & SSL_kSRP)) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); + goto f_err; + } +#endif /* OPENSSL_NO_SRP */ p+=ssl_put_cipher_by_char(s,NULL,NULL); sk=ssl_get_ciphers_by_id(s); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index ef6258ca9f..82a2c80129 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1406,6 +1406,11 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, s->psk_client_callback == NULL) continue; #endif /* OPENSSL_NO_PSK */ +#ifndef OPENSSL_NO_SRP + if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) && + !(s->srp_ctx.srp_Mask & SSL_kSRP)) + continue; +#endif /* OPENSSL_NO_SRP */ j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p); p+=j; } |