| author | Emilia Kasper <emilia@openssl.org> | 2015-03-04 09:05:02 -0800 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-03-19 12:58:35 +0000 |
| commit | 86f8fb0e344d62454f8daf3e15236b2b59210756 | |
| tree | 60dfd04aea8199ad46fe8121794a334fef21d9aa /ssl/ssl_txt.c | |
| parent | c0334c2c92dd1bc3ad8138ba6e74006c3631b0f9 | |

Fix reachable assert in SSLv2 servers.

This assert is reachable for servers that support SSLv2 and export ciphers.
Therefore, such servers can be DoSed by sending a specially crafted
SSLv2 CLIENT-MASTER-KEY.

Also fix s2_srvr.c to error out early if the key lengths are malformed.
These lengths are sent unencrypted, so this does not introduce an oracle.

CVE-2015-0293

This issue was discovered by Sean Burford (Google) and Emilia Käsper of
the OpenSSL development team.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

Diffstat (limited to 'ssl/ssl_txt.c')
0 files changed, 0 insertions, 0 deletions
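
The pattern the commit message describes, rejecting malformed peer-supplied key lengths with an error return instead of relying on an assert, shown as an added sketch that is not the OpenSSL patch or any code from this commit. The function and type names, the numeric limits, and the rule that only export ciphers may carry a non-zero clear key length are assumptions made for the illustration; the header layout follows the SSLv2 CLIENT-MASTER-KEY message.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical limits for this sketch; not OpenSSL's constants. */
#define MAX_MASTER_KEY_LEN 32u
#define MAX_KEY_ARG_LEN     8u
#define HDR_LEN            10u /* type(1) + cipher kind(3) + three 16-bit lengths */

enum cmk_status { CMK_OK = 0, CMK_TRUNCATED, CMK_BAD_TYPE, CMK_BAD_LENGTH };
struct cmk_lengths { uint16_t clear, enc, key_arg; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate the unencrypted length fields before any key material is used.
 * Every malformed input produces an error code; the peer controls all of
 * these bytes, so none of the conditions may be enforced with assert(). */
enum cmk_status cmk_check(const uint8_t *msg, size_t len, int is_export,
                          struct cmk_lengths *out)
{
    if (msg == NULL || out == NULL || len < HDR_LEN)
        return CMK_TRUNCATED;
    if (msg[0] != 2) /* MSG-CLIENT-MASTER-KEY */
        return CMK_BAD_TYPE;

    out->clear   = be16(msg + 4);
    out->enc     = be16(msg + 6);
    out->key_arg = be16(msg + 8);

    if (out->clear > MAX_MASTER_KEY_LEN || out->key_arg > MAX_KEY_ARG_LEN)
        return CMK_BAD_LENGTH;
    /* Assumed rule: only export ciphers send part of the key in the clear. */
    if (!is_export && out->clear != 0)
        return CMK_BAD_LENGTH;
    if (out->enc == 0)
        return CMK_BAD_LENGTH;
    /* The declared lengths must account for exactly the bytes received. */
    if ((size_t)out->clear + out->enc + out->key_arg != len - HDR_LEN)
        return CMK_BAD_LENGTH;
    return CMK_OK;
}

int main(void)
{
    /* Constructed sample: export cipher kind, 11 clear + 5 encrypted + 8 key-arg bytes. */
    uint8_t msg[HDR_LEN + 11 + 5 + 8] = {2, 0x02, 0x00, 0x80, 0, 11, 0, 5, 0, 8};
    struct cmk_lengths l;
    return cmk_check(msg, sizeof msg, 1, &l) == CMK_OK ? 0 : 1;
}
```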