diff options
author | Emilia Kasper <emilia@openssl.org> | 2015-03-04 09:05:02 -0800 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-19 12:58:35 +0000 |
commit | 86f8fb0e344d62454f8daf3e15236b2b59210756 (patch) | |
tree | 60dfd04aea8199ad46fe8121794a334fef21d9aa /ssl/s2_lib.c | |
parent | c0334c2c92dd1bc3ad8138ba6e74006c3631b0f9 (diff) |
Fix reachable assert in SSLv2 servers.
This assert is reachable for servers that support SSLv2 and export ciphers.
Therefore, such servers can be DoSed by sending a specially crafted
SSLv2 CLIENT-MASTER-KEY.
Also fix s2_srvr.c to error out early if the key lengths are malformed.
These lengths are sent unencrypted, so this does not introduce an oracle.
CVE-2015-0293
This issue was discovered by Sean Burford (Google) and Emilia Käsper of
the OpenSSL development team.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl/s2_lib.c')
-rw-r--r-- | ssl/s2_lib.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index f8a9439303..d55b93f76b 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -493,7 +493,7 @@ int ssl2_generate_key_material(SSL *s) OPENSSL_assert(s->session->master_key_length >= 0 && s->session->master_key_length - < (int)sizeof(s->session->master_key)); + <= (int)sizeof(s->session->master_key)); EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length); EVP_DigestUpdate(&ctx, &c, 1); |