diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-03-18 14:19:22 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2014-12-16 15:01:29 +0000 |
commit | c8667a2e462c3e9e2c4fe1dc170b9b157d9ba938 (patch) | |
tree | 75471657087e6c77acda4820a6e10e31f563966e /ssl | |
parent | 5ee441162e3a5a236429f43d5c352beb5eb29cc3 (diff) |
Check return value of ssl3_output_cert_chain
(cherry picked from commit 66f96fe2d519147097c118d4bf60704c69ed0635)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_clnt.c | 9 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 6 |
2 files changed, 12 insertions, 3 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index b16b3c44c0..2b9fdb0599 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -3470,8 +3470,13 @@ int ssl3_send_client_certificate(SSL *s) if (s->state == SSL3_ST_CW_CERT_C) { s->state=SSL3_ST_CW_CERT_D; - ssl3_output_cert_chain(s, - (s->s3->tmp.cert_req == 2)?NULL:s->cert->key); + if (!ssl3_output_cert_chain(s, + (s->s3->tmp.cert_req == 2)?NULL:s->cert->key)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR); + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR); + return 0; + } } /* SSL3_ST_CW_CERT_D */ return ssl_do_write(s); diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index a4342ba83f..83d110fcc7 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -3450,7 +3450,11 @@ int ssl3_send_server_certificate(SSL *s) } } - ssl3_output_cert_chain(s,cpk); + if (!ssl3_output_cert_chain(s,cpk)) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR); + return(0); + } s->state=SSL3_ST_SW_CERT_B; } |