提交 80bd7b41 编写于 作者: D Dr. Stephen Henson 提交者: Matt Caswell

Fix SRP ciphersuite DoS vulnerability.

If a client attempted to use an SRP ciphersuite and it had not been
set up correctly it would crash with a null pointer read. A malicious
server could exploit this in a DoS attack.

Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon
for reporting this issue.

CVE-2014-2970
Reviewed-by: NTim Hudson <tjh@openssl.org>
上级 fb0bc2b2
...@@ -1088,6 +1088,13 @@ void ssl_set_client_disabled(SSL *s) ...@@ -1088,6 +1088,13 @@ void ssl_set_client_disabled(SSL *s)
c->mask_k |= SSL_kPSK; c->mask_k |= SSL_kPSK;
} }
#endif /* OPENSSL_NO_PSK */ #endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SRP
if (!(s->srp_ctx.srp_Mask & SSL_kSRP))
{
c->mask_a |= SSL_aSRP;
c->mask_k |= SSL_kSRP;
}
#endif
c->valid = 1; c->valid = 1;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册