Check SRP parameters early.

Check SRP parameters when they are received so we can send back an appropriate alert. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2014-08-01 14:56:56 +0100
committer: Matt Caswell <matt@openssl.org> 2014-08-06 20:27:51 +0100
commit: d15d17bb6487a3e7b59a22882b6a22300fe5111d (patch)
tree: 05ab19c27c6c9f1f6b020f18d78175ef1bed8e67 /ssl/s3_srvr.c
parent: 966fe81f9befbff62522a158006fb03050a868df (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index eb250931ff..2867501287 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2795,6 +2795,13 @@ int ssl3_get_client_key_exchange(SSL *s)
 				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_BN_LIB);
 				goto err;
 				}
+			if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
+				|| BN_is_zero(s->srp_ctx.A))
+				{
+				al=SSL_AD_ILLEGAL_PARAMETER;
+				SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_SRP_PARAMETERS);
+				goto f_err;
+				}
 			if (s->session->srp_username != NULL)
 				OPENSSL_free(s->session->srp_username);
 			s->session->srp_username = BUF_strdup(s->srp_ctx.login);
author	Dr. Stephen Henson <steve@openssl.org>	2014-08-01 14:56:56 +0100
committer	Matt Caswell <matt@openssl.org>	2014-08-06 20:27:51 +0100
commit	d15d17bb6487a3e7b59a22882b6a22300fe5111d (patch)
tree	05ab19c27c6c9f1f6b020f18d78175ef1bed8e67 /ssl/s3_srvr.c
parent	966fe81f9befbff62522a158006fb03050a868df (diff)