提交 8d65fdb6 编写于 作者: D Dr. Stephen Henson

Add fix for CVE-2013-4353

(cherry picked from commit 6b42ed4e7104898f4b5b69337589719913b36404)
上级 9bd1e2b5
...@@ -203,7 +203,11 @@ static void ssl3_take_mac(SSL *s) ...@@ -203,7 +203,11 @@ static void ssl3_take_mac(SSL *s)
{ {
const char *sender; const char *sender;
int slen; int slen;
/* If no new cipher setup return immediately: other functions will
* set the appropriate error.
*/
if (s->s3->tmp.new_cipher == NULL)
return;
if (s->state & SSL_ST_CONNECT) if (s->state & SSL_ST_CONNECT)
{ {
sender=s->method->ssl3_enc->server_finished_label; sender=s->method->ssl3_enc->server_finished_label;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册