Fix SRP ciphersuite DoS vulnerability.

If a client attempted to use an SRP ciphersuite and it had not been set up correctly it would crash with a null pointer read. A malicious server could exploit this in a DoS attack. Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon for reporting this issue. CVE-2014-5139 Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-07-29 21:23:30 +0100
committer: Matt Caswell <matt@openssl.org> 2014-08-06 20:27:51 +0100
commit: 83764a989dcc87fbea337da5f8f86806fe767b7e (patch)
tree: bf5920ae6f7efeaf53c12e900cf136b10717a718 /ssl/s3_clnt.c
parent: 86788e1ee6908a5b3a4c95fa80caa4b724a8a434 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index df05f788e9..0aba7e5e0a 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -954,6 +954,15 @@ int ssl3_get_server_hello(SSL *s)
 		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
 		goto f_err;
 		}
+#ifndef OPENSSL_NO_SRP
+	if (((c->algorithm_mkey & SSL_kSRP) || (c->algorithm_auth & SSL_aSRP)) &&
+		    !(s->srp_ctx.srp_Mask & SSL_kSRP))
+		{
+		al=SSL_AD_ILLEGAL_PARAMETER;
+		SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
+		goto f_err;
+		}
+#endif /* OPENSSL_NO_SRP */
 	p+=ssl_put_cipher_by_char(s,NULL,NULL);
 
 	sk=ssl_get_ciphers_by_id(s);
author	Dr. Stephen Henson <steve@openssl.org>	2014-07-29 21:23:30 +0100
committer	Matt Caswell <matt@openssl.org>	2014-08-06 20:27:51 +0100
commit	83764a989dcc87fbea337da5f8f86806fe767b7e (patch)
tree	bf5920ae6f7efeaf53c12e900cf136b10717a718 /ssl/s3_clnt.c
parent	86788e1ee6908a5b3a4c95fa80caa4b724a8a434 (diff)